3 million Verizon accounts stolen -- Q&A with the person claiming to be behind it
A report surfaced today that Verizon Wireless, a premier mobile carrier in the United States has been breached, with a result of three million customers being compromised. The good news is that the compromise does not seem to be malicious. The bad news is that, as proof of this, 300,000 users' data was released.
While the number may seem large, it represents a small fraction of the company's user base. Still, any customer information released into the wild is bad. So how did this happen and how bad is it?
For that I went to the source and contacted the unidentified person who claims to be behind this. What follows is a brief Q&A I carried out with him or her.
(Note that the hack took place on July 12th, but information has just been released.)
BN: I assume this was not malicious given that you waited so long to release the information?
A: "Nope, just pointing out their flaws since they didn't fix it".
BN: Did you contact Verizon Wireless and, if so, did the company respond at all?
A: "Verizon (FIOS not Wireless), yes, but only a response confirming they got my message, not much more".
BN: So this is FIOS customers?
A: "Yes, FiOS is the only portion in the leak".
BN: But both FiOS and Wireless were compromised?
BN: 300,000 users' information were released. Was this due to frustration from a non-response from Verizon?
A: "Lack of response from them. Only FiOS will be leaked, I have no intentions of leaking more".
At that point I had a couple of more questions, but my subject had apparently had enough. If I get responses to those then I will update this post.
Well, according to the source, and information posted on Pastebin, the service has in fact been hacked. Repeating: while three million users sounds like a huge number, it is actually a very small proportion of the Verizon user base. Sure, the news is not good, but customers can take solace in the fact that this time around there is not malicious intent. In the meantime, Verizon still seems to be in a state of denial, having issued a statement to ZDnet earlier today saying "We have examined the posted data and we have confirmed that it is not Verizon Wireless customer data. Our systems have not been hacked".