Verizon Alerts Prepaid Customers to Recent Security Breach
Verizon notified prepaid customers this week of a recent cyberattack that granted third-party actors access to their accounts, as reported earlier Tuesday by BleepingComputer. The attack occurred between Oct. 6 and Oct. 10 and affected 250 Verizon prepaid customers.
“We recently identified possible unauthorized activity involving about 250 prepaid wireless accounts. We secured these accounts and put in place additional measures to protect our customers from further unauthorized access or fraud,” Verizon said in a statement. “Verizon has notified the impacted customers and was advised on additional steps the customers can take to enhance their account security.”
The breach exposed the last four digits of customers’ credit cards used to make payments on their prepaid accounts. While no full credit card information was accessible, the information was enough to grant the attackers access to Verizon user accounts, which hold semi-sensitive data such as “name, telephone number, billing address, price plans, and other service-related information,” per a notice from Verizon.
Account access also potentially enabled attackers to process unauthorized SIM card changes on prepaid lines. Also known as SIM swappingunauthorized SIM card changes can allow for the transfer of an unsuspecting person’s phone number to another phone.
From there, the counterfeit phone can be used to receive SMS messages for password resets and user identification verifications on other accounts, giving attackers potential access to any account they have, or can guess, the username for. Consequently, Verizon recommended affected customers secure their non-Verizon accounts such as social media, financial,