[BreachExchange] CenturyLink reports customer information exposed after 2.8 million records leaked

[Destry Winant]

https://www.desmoinesregister.com/story/news/2019/10/18/centurylink-customer-personal-information-exposed-2-8-million-records-leaked/4024754002/

A tech company with Iowa offices warns customers of leaked personal
information, according to a CenturyLink Inc. email obtained by the
Register.

An incident with a third-party vendor led to customers' personal
information becoming public, according to the email sent to customers,
including name, address, phone number and CenturyLink account number.

During their investigation, CenturyLink found no leaked financial
information, passwords or any other sensitive information of this
nature.

Comparitech, a website researching tech services, reported the
incident leaked 2.8 million records.

A security researcher discovered the leak Sept. 15, though it had been
exposed many months prior, according to Camparitech. CenturyLink
successfully closed the leak two days later.

CenturyLink spokesman Mark Molzen confirmed the leak via email. He did
not confirm the number of affected customers.

"We will continue to work to protect customer information," Molzen
wrote. "CenturyLink takes the protection of our customers’ information
seriously, and we will work to ensure that we earn our customers’
trust."

CenturyLink is a technology company based in Lousiana with eight
offices in Iowa, including Des Moines, Sioux City, Cedar Rapids and
Council Bluffs.