A new thread in an underground cybercrime forum was discovered advertising the sale of troves of data containing close to 1.5 million customer information. Security journalist, Brian Krebs stated in a report last week that the mined data belongs to Verizon Enterprise Solutions—a segment of the telecommunications company ironically known for responding to some of the world’s biggest data breach cases.
In a statement, the company said, “Verizon recently discovered and remediated a security vulnerability on our enterprise client portal. Our investigation to date found an attacker obtained basic contact information on a number of our enterprise customers. No customer proprietary network information (CPNI) or other data was accessed or accessible.”
The post marked the stolen information with a $100,000 price tag for the entirety of the database while segments of the data—containing 100,000 records for $10,000—were also sold to interested parties. According to Krebs, the database available was also sold in various formats, including the database platform MongoDB.
Interestingly, the crooks behind the theft and resale of information also offered information about security vulnerabilities found in Verizon’s website. While no further details about the breach was shared, the company divulged that a discovered website flaw could have opened a roadmap to the company’s repository of customer information. It was then noted that right now, the concerned parties are already being notified.
Security researchers, however, are exploring possibilities that the breach was could have been caused by an SQL injection vulnerability. Researcher Deral Heiland furthered, “If [database platform] MongoDB was being used, this is known as a NoSQL database and traditional SQL injection attacks will not work, although NoSQL databases are still subject to injection attacks, which can be leveraged to extract data from the MongoDB.” As noted by Krebs, it appears that the perpetrators succeeded in coercing the MongoDB system to dump its contents.
The 2015 annual security roundup revealed how the past year was marked by massive data breaches, and how even the most unlikely of victims can be targets—including those that seemingly had an iron cage of protection and impenetrability, as well as those that promised security. In June 2015, password manager, LastPasss shared “suspicious activity” that got through their network that compromised the security of their client base, compromising account email addresses, password reminders, server per user salts, and authentication hashes.
With this incident in mind, the world of cybersecurity is faced yet again with another ironic turn of events. Verizon Enterprise is known to share and disclose cautionary tales of data breaches, with a customer base that includes 99% of Fortune 500 companies. With the company’s customer information being sold underground, it could very well mean that these customers will soon be at the crosshairs of phishing and other forms of targeted attacks.
Like it? Add this infographic to your site:
1. Click on the box below. 2. Press Ctrl+A to select all. 3. Press Ctrl+C to copy. 4. Paste the code into your page (Ctrl+V).
Image will appear the same size as you see above.