Pierluigi Paganini March 25, 2016

Hackers reportedly stole the records of 1.5 million customers of Verizon Enterprise which are offered for sale in the criminal underground.

According to KrebsOnSecurity, data leaked after a security reach at Verizon Enterprise Solutions are available in the cyber criminal underground. Records of 1.5 million customers of Verizon Enterprise are available for sale, the entire archive is offered for $100,000, but buyers can pay for a set of 100,000 customer records that goes for $10,000.

“Earlier this week, a prominent member of a closely guarded underground cybercrime forum posted a new thread advertising the sale of a database containing the contact information on some 1.5 million customers of Verizon Enterprise.” wrote the popular investigator Brian Krebs.

The crooks also offered information about Verizon security flaws that likely allowed hacking one of the systems at the company.

“Buyers also were offered the option to purchase information about security vulnerabilities in Verizon’s Web site,”.

The situation in embarrassing because Verizon Enterprise also offers security services to its customers for the protection of their data. 97 percent of Fortune 500 companies are customers of the Verizon Enterprise.

The database is available in multiple formats, including MongoDB. There have been many incidents over the past period where misconfigured MongoDB databases exposed a large number of records of sensitive information.

Verizon Enterprise representatives have confirmed the data breach suffered by their website and the presence of the flaw exploited by the attackers, already fixed by its experts. The company noted that the hackers have not gained access to customer proprietary network information or other data.

“Verizon recently discovered and remediated a security vulnerability on our enterprise client portal,” Verizon said in an emailed statement.

“Our investigation to date found an attacker obtained basic contact information on a number of our enterprise customers,” Verizon told to Brian Krebs. “No customer proprietary network information (CPNI) or other data was accessed or accessible.”

Stolen data could be exploited by attackers in spear-phishing attacks as explained by Krebs.

“Even if it is limited to the contact data for technical managers at companies that use Verizon Enterprise Solutions, this is bound to be target-rich list,” he wrote.

[adrotate banner=”9″]

Pierluigi Paganini

(Security Affairs – Verizon Enterprise,  cybercrime)

[adrotate banner=”12″]