Verizon Enterprise Solutions hacked, 1.5 million business clients exposed

Verizon Enterprise Solutions, which regularly assists clients in responding to data breaches, has suffered a breach affecting a reported 1.5 million business customers.

These customers are now more vulnerable to phishing attacks due to the breach.

Verizon has stated that the attack exposed basic contact information due to a vulnerability in their enterprise client portal. The vulnerability has been addressed and Verizon maintains that no customer proprietary network information, or other data was accessed or accessible. Affected customers are currently being notified.

The breach was first reported on March 24 when security blog Krebs on Security discovered that a database containing the information of 1.5 million Verizon customers was being advertised for sale on an underground cybercrime forum. Buyers were also offered the option of purchasing information pertaining to Verizon’s security vulnerabilities.

Due to its prominence as a security vendor Verizon is a huge target for cybercriminals. This breach should be a reminder to all businesses that even when you have a good security program in place it only takes one human mistake for you to be vulnerable to cyber-attacks. This is especially important because most breaches still rely on time-tested social engineering strategies like phishing.

This breach also demonstrates that all organizations need to have an appropriate incident response plan in place that they can deploy when a breach occurs. This preparation should include cybersecurity tabletop exercises and drills. In many cases it’s not the breach but a company’s response to a breach that makes the biggest impact on their business.

If you have any questions about phishing, phishing testing, or breach response plans, contact ITPAC today.