Verizon is notifying more than 63,000 people, mostly current employees, that an insider, accidentally or otherwise, had inappropriate access to their personal data.
The Pine Tree state's strict data loss rules require security snafu disclosures, even though in this case only 82 of its residents were directly affected.
At the heart of the drama: A Verizon employee apparently obtained a file that they shouldn't have had access to, containing personal information including: names, addresses, Social Security numbers or other national identifiers, gender, union affiliation, dates of birth, and compensation information.
There are some former Verizon employees included who they will be notified and offered the same services as current team members.
An internal review of the error remains ongoing, though as of now it does not appear to be a rogue insider intent on selling coworker info on criminal marketplaces, we're told.
In light of the snafu, Verizon tells us it is boosting its technical controls to prevent future unauthorized file access.
The cellular giant is also offering affected individuals two years of free credit monitoring and identity protection services and if fraud occurs, they can receive up to $1 million in reimbursement for stolen funds and expenses.
Verizon's most recent security snafu happened back in October 2022 when some of its prepaid customers' accounts were compromised by crooks attempting to hijack their phone numbers via SIM swapping methods.
From there, the criminals attempted to transfer the victims' phone numbers to other devices, which would allow the fraudsters to access one-time security codes and then break into the victims' banking apps and other online accounts.
This Cyber News was published on go.theregister.com. Publication date: Tue, 06 Feb 2024 19:13:05 +0000