[BreachExchange] A small wireless carrier owned by Verizon reported a data breach. Customers say they're livid at how it was handled.

Terrell Byrd terrell.byrd at riskbasedsecurity.com
Fri Oct 15 08:58:42 EDT 2021


https://www.businessinsider.com/verizon-wireless-carrier-visible-reported-data-breach-customers-2021-10

Wireless carrier company Visible confirmed reports of a data breach that
gave hackers unauthorized access to customers' accounts and payment
information, but some customers say they are still waiting to get
fraudulent charges reversed.

Customers first reported the breach over the weekend after noticing emails
from Visible saying their emails, passwords and addresses had been changed,
but they hadn't initiated the action. Some customers even had unauthorized
charges from Visible placed on their PayPal, debit, or credit card accounts
for costly purchases like an iPhone 12 or the latest iPhone 13 Pro Max that
costs over $1,000.

Several Visible customers told Insider that they were then unable to reset
their passwords because Visible's password reset feature appeared to be
down and any reset emails were going to the changed emails of the bad
actors, not their personal emails.

Visible, owned by Verizon, is an all-digital wireless carrier in the US.
Visible is popular amongst its users for its price: for as low as $25 a
month, Visible users get unlimited talk, text, data, and mobile hotspot.
Verizon is one of the largest wireless carriers in the US and services over
121.3 million total wireless customers.

Some customers have been upset about the lack of communication from the
company, saying they found out about the breach through conversation on the
internet. Customers have also complained that the carrier has been slow to
act once fraud is detected in their accounts and that they are still unable
to access their accounts several days after the initial breach.

"I'm livid – not about the breach, it's 2021 and we all know that hacking
is part of our reality – but about the way Visible has handled the entire
situation," a Visible customer who had been charged $763 for an
unauthorized purchase of an iPhone 12 told Insider. "Instead of alerting
all customers immediately or acknowledging the larger issue, they kept it
under wraps for days and in doing so, probably compromised many of their
customers' other accounts."

Since the COVID-19 pandemic began, hacking activity has been on the rise.
Last year, the FBI reported a 300% increase in the number of cyber crimes
reported, warning people need to be extra cautious, according to The Hill.
Wireless carrier T-Mobile was involved in a data breach last month in which
millions of customers' information was sold to threat actors on the dark web.
Last week, Syniverse, a major telecommunications company, said hackers had
been in its system for years exposing billions of text messages and
millions of cell phone users' data, Insider reported.

Visible first released a statement on Twitter on Wednesday stating that the
bad actors were able to access customers' usernames and passwords from an
"outside source."

"As soon as we were made aware of the issue, we immediately initiated a
review and started deploying tools to mitigate the issue and enable
additional controls to further protect our customers," a spokesperson from
Visible told Insider in a statement. "If you use your Visible username and
password across multiple accounts, including your bank or other financial
accounts, we recommend updating your username/password with those services."

Three customers told Insider they are wary of the company's explanations
because they had long and unique passphrases for their Visible accounts
that were not used on any other website.

Visible does not offer multi-factor authentication (MFA) for its accounts
which, according to cybersecurity experts, is important in preventing data
breaches and hacks of this nature.

"Passwords, as a single means to authenticate, continue to be a primary
target for attackers," Gary Brickhouse, the chief information security
officer of the cybersecurity firm GuidePoint Security, told Insider in an
email. "This is caused by the use of simple, easily guessed passwords and
other malicious activity such as phishing emails."

80% of breaches like Visible's involve brute force or the use of lost or
stolen credentials, something that MFA can help prevent.

"Think of 2 factor authentication as the chain lock on your front door,
while username and password are your keys to the lock, if that chain is in
place, intruders aren't getting in," Adam Kujawa, director of Malwarebytes
Labs, told Insider.

Visible customers say they are waiting to see what steps the company takes.

"They've been great up to this point and there's nothing that provides the
same service for near the same price," Visible customer Hailen Jackson told
Insider. "If they don't provide a proper security roadmap/update I will
definitely leave."