Verizon Communications is warning that an insider data breach impacts almost half its workforce, exposing sensitive employee information.
Verizon is an American telecommunications and mass media company providing cable TV, telecommunications, and internet services to over 150 million subscribers across the U.S. The company has more than 117,000 workers and has an annual revenue of 136.8 billion.
A data breach notification shared with the Office of the Maine Attorney General reveals that a Verizon employee gained unauthorized access to a file containing sensitive employee information on September 21, 2023.
Verizon discovered the breach on December 12, 2023, nearly three months later, and determined it contained sensitive information of 63,206 employees.
This incident does not appear to impact customer information.
Verizon says it is actively working towards strengthening its internal security to prevent similar incidents from occurring again in the future and noted that at this time, there are no signs of malicious exploitation or evidence of the data having been widely leaked.
To protect exposed individuals from the risks posed by the security incident, Verizon has enclosed instructions on enrolling in a two-year identity theft protection and credit monitoring service in the notices sent to impacted employees.
Verizon recently discovered that an employee inappropriately handled a file containing certain personal information about some Verizon employees.
At this point, we have no reason to believe the information was improperly used or that it was shared outside of Verizon.
We are notifying the affected employees and applicable regulators about the matter.
We have not referred this incident to law enforcement.
There is no indication of malicious intent nor do we believe the information was shared externally.
Verizon has had a relatively calm period regarding cybersecurity incidents in the past few years.
The firm's last major incident was announced in October 2022, when hackers attempted to perform SIM swaps to hijack customer accounts.
Although Verizon says it blocked the activity and reversed unauthorized changes, sensitive customer information such as partial credit card data, names, telephone numbers, billing addresses, and other service-related info was exposed.
HPE investigates new breach after data for sale on hacking forum.
Trezor support site breach exposes personal data of 66,000 customers.
Mint Mobile discloses new data breach exposing customer data.
Former IT manager pleads guilty to attacking high school network.
Cloud engineer gets 2 years for wiping ex-employer's code repos.
This Cyber News was published on www.bleepingcomputer.com. Publication date: Tue, 06 Feb 2024 16:10:09 +0000