Verizon Enterprise Solutions is a wing of Verizon that offers IT services to big business and government, often including IT security and incident response. So it’s rather embarrassing that a hacker is offering to sell a database with the data of 1.5 million Verizon Enterprise clients.

According to KrebsOnSecurity, a “prominent member of a closely guarded underground cybercrime forum” offered a database up for sale earlier this week. For $100,000, the buyer would receive contact information for 1.5 million customers.

In response to the report, a Verizon Enterprise spokesperson said that the company had “recently identified a security flaw in its site that permitted hackers to steal customer contact information, and that it is in the process of alerting affected customers.”

Advertisement

There’s no cause for concern if you’re a Verizon Wireless consumer, but that list could be a gold mine for more targeted attacks. Verizon Enterprise Solutions lists a who’s-who of Fortune 500 companies and government bodies as its clients; targeted phishing attacks to even a small fraction of those contacts could prove insanely lucrative. Most of all, it’s a remind that no-one—even a top security firm—is immune from simple hacks.

[Krebs On Security]

Sponsored