Want smarter insights in your inbox? Sign up for our weekly newsletters to get only what matters to enterprise AI, data, and security leaders. Subscribe Now
(Reuters) – Verizon said an attacker had exploited a security vulnerability on its enterprise client portal to steal contact information of a number of customers.
The company said the attacker however did not gain access to Customer Proprietary Network Information (CPNI) or other data.
CPNI is the information that telephone companies collect including the time, date, duration and destination number of each call and the type of network a consumer subscribes to.
Krebs On Security, which first broke the news of the breach, said a member of a underground cybercrime forum had posted a new thread advertising the sale of a database containing the contact information on some 1.5 million customers of Verizon Enterprise.
AI Scaling Hits Its Limits
Power caps, rising token costs, and inference delays are reshaping enterprise AI. Join our exclusive salon to discover how top teams are:
- Turning energy into a strategic advantage
- Architecting efficient inference for real throughput gains
- Unlocking competitive ROI with sustainable AI systems
Secure your spot to stay ahead: https://bit.ly/4mwGngO
The seller priced the entire package at $100,000, but offered to sell it off in parts of 100,000 records for $10,000 apiece, Krebs added. (http://bit.ly/1S9C6Kc)
The vulnerability, which was investigated and fixed, did not leak any data on consumer customers, Verizon said in a statement on Thursday.
The company is currently notifying customers impacted by the breach.
(Reporting by Amrutha Penumudi in Bengaluru; Editing by Diane Craft and Cynthia Osterman)
