Verizon is the largest US carrier, but it appears to have joined T-Mobile in the ranks of those recently suffering a data breach.
According to the SafetyDetectives cybersecurity team, a database containing 7.5 to 9 million Verizon customer records has been been uploaded to an online forum. The records include data for both cellular and home internet customers.
According to SafetyDetectives, the data does not appear to be particularly sensitive, although it is recent, with the forum post claiming the data was “stolen by hackers” in January 2023.
Our researcher believes that the leaked database contains data stored by Verizon prior to January 2022. SafetyDetectives has reached this conclusion concerning the timeframe due to clues hidden in the filenames contained in the records. However, we cannot be conclusive with these indicators alone.
Overall, the breach does not appear to be cause for much direct concern, although the data could be cross-referenced with other breaches to build a more complete profile of impacted users.
While the information contained in the records does not appear to be highly sensitive or to contain Personal Identifiable Information (PII) – such as full names or physical addresses – some of the data points could be merged with other leaks. For example, if combined with an existing PII leak, an attacker could have a higher chance of success in impersonating a customer.