In recent years, data breaches have become an all-too-common occurrence in the world of technology and business.
One of the most notable examples is the data breach that occurred at Verizon Telecommunications company multiple times. Below is the timeline for the Verizon data breaches. A list of all Verizon data breaches is given with a timeline below.
Table of Contents
March 2023 – Verizon Data Breach
A popular hacker forum “Breached Forums” has posted records of over 7 million Verizon users in March 2023. The leaked data consisted of contract information, device details, encrypted customer IDs, and other information.
However, it appears that unencrypted personal data was not part of the leak. Verizon stated that the problem was caused by an external vendor and that it was resolved in January 2023.
October 2022 – Verizon Data Breach
Verizon informed prepaid customers in October 2022 that their accounts were accessed by a third party during a four-day attack, compromising approximately 250 accounts.
The hackers were able to view the last four digits of customers’ payment card numbers, which allowed them to gain access to other account details like names, phone numbers, and billing addresses.
The hackers may have also conducted unauthorized changes, like SIM swaps, which could potentially compromise other accounts. To mitigate the damage, Verizon reset PIN codes and provided guidance on how to protect non-Verizon accounts that could be affected by a SIM swap.
May 2022 – Verizon Data Breach
In May 2022, an individual used social engineering to gain access to internal systems and gather internal contact information, as well as additional details on Verizon employees such as names, ID numbers, phone numbers, and email addresses.
The attacker then downloaded the information and demanded a payment of $250,000 in exchange for not releasing the database.
Although Verizon declined to engage with the hacker, citing that the information was already available, the leaked database could still pose a potential threat as it could enable hackers to impersonate employees or carry out malicious activities such as flooding the Verizon email system with spam messages.
July 2017 – Verizon Data Breach
Verizon acknowledged in July 2017 that personal information, including customer names, phone numbers, and account PINs, for approximately 6 million Verizon users had been leaked online due to a misconfiguration error on a cloud server.
UpGuard was the first to discover the issue and alerted Verizon, who acted quickly to prevent public access to the data.
Even though the data wasn’t stolen through a hack or similar attack, the exposure of this information still put the affected customers at risk, as anyone could have accessed it and posed as a customer.
As a result, Verizon advised its customers to update their PINs to reduce the impact of any unauthorized access to their information.
March 2016 – Verizon Data Breach
In March 2016, it was reported that the contact information of over 1.5 million Verizon Enterprise customers had been exposed due to a hack that exploited a security vulnerability.
The data was leaked on a cybercrime forum and the hackers attempted to sell it for prices ranging from $10,000 to $100,000. In addition, the hackers offered information about security vulnerabilities on the Verizon website to interested buyers.
Fortunately, Verizon was able to quickly address the vulnerability once they became aware of it and no consumer data was involved in the breach.
The impacted Verizon Enterprise customers were notified by Verizon about the issue. The security vulnerability was related to the enterprise client portal.
November 2008 – Verizon Data Breach
Verizon reportedly terminated an undisclosed number of employees in November 2008 for accessing cell phone records of then-President-Elect Barack Obama without authorization.
Although the workers involved were only providing customer support, they were not permitted to access customer records without explicit customer requests.
Even though the phone in question was not being used by Obama during the firings and the workers did not have access to the content of messages or voicemails, they could have potentially viewed other activities such as dialed or incoming phone numbers and call durations.
The device was not a smartphone and did not have email or similar data-related capabilities. Verizon conducted an investigation to determine if any information collected by the employees was shared with others and informed the relevant authorities about the incident.