If you are a Verizon customer, you may want to consider updating your user information and account password.
About 6 million Verizon subscribers’ personal data was leaked online thanks to a security lapse from Nice Systems, an Israel-based company that partnered with Verizon to analyze customer service calls. The information stemmed from recorded customer service calls over the past six months.
The leaks included customer names, cell phone numbers and account PINs, which can be used to access online accounts, according to ZDNet, which broke the news.
ZDNet reported that at least 14 million records of subscriber calls, which is different from personal data records, were leaked.
In a statement, Verizon said there was no loss or theft of the exposed information, the account PINs do not provide access into online accounts and that other valuable data was leaked.
“The overwhelming majority of information in the data set had no external value… there were no Social Security numbers or Verizon voice recordings in the cloud storage area,” Verizon said. “Verizon is committed to the security and privacy of our customers. We regret the incident and apologize to our customers.”
The exposed customer records were contained in daily log files in six different folders inside an unprotected Amazon S3 storage server controlled by a Nice Systems employee. The records also included hundreds of additional fields for customer service representatives to fill out, including a customer “frustration score,” which can be issued based on what keywords were said during the phone call.
Nice Systems collected the data to “realize intent, and extract and leverage insights to deliver impact in real time,” according to ZDNet. Verizon then used the information to improve customer service.
Nice Systems and Verizon both told ZDNet that they would investigate how the data was left exposed.
The leak was initially discovered by Chris Vickery, director of cyber risk research at security firm UpGuard, who found the data in late June. Verizon took more than a week to patch the leak, according to ZDNet.
Those concerned that their data was leaked should reach out to Verizon’s customer service via phone call or online to change PINs.
Photo: A man walks past a Verizon store in Portland, Oregon, in 2008. (Don Ryan/AP)
Tags: cyber security, leaks, Verizon