Security Software & Equipment Store

Wednesday, March 30, 2016

Verizon Data Breach Investigations Report Reveals 1.5M Customers Hacked

More than 1.5 million Verizon Enterprise customers had their contact information leaked on an underground cybercrime forum this week, according to KrebsOnSecurity. A security vulnerability, now fixed, provided an opening for the attacker, the business-to-business arm of the mobile and telecom giant told KrebsOnSecurity. The breach involved basic contact information, not proprietary network information, the company told Krebs.

“Verizon recently discovered and remediated a security vulnerability on our enterprise client portal,” the company said in an emailed statement. “Our investigation to date found an attacker obtained basic contact information on a number of our enterprise customers. No customer proprietary network information (CPNI) or other data was accessed or accessible.”

The seller of the Verizon Enterprise data offers the database in multiple formats, including the database platform MongoDB, so it seems likely that the attackers somehow forced the MongoDB system to dump its contents. Verizon has not yet responded to questions about how the breach occurred, or exactly how many customers were being notified.

The irony in this breach is that Verizon Enterprise is typically the one telling the rest of the world how these sorts of breaches take place. I frequently recommend the Verizon Data Breach Investigations Report (DBIR) because each year’s is chock full of interesting case studies from actual breaches, case studies that include hard lessons which mostly age very well (i.e., even a DBIR report from four years ago has a great deal of relevance to today’s security challenges).

Can service providers such as Verizon, AT&T, NTT, BT, DT and others successfully prevent or mitigate such reports? Send your comments to the Cloud and Cyber Security Center: http://cloudandcybersecurity.blogspot.com/
