[TheRecord] Verizon-owned wireless carrier Visible confirms account hacks, denies breach

Visible, an all-digital wireless service provider based in the US and owned by Verizon, confirmed today that hackers gained access to customer accounts, but the company denied any breach of its backend infrastructure.

The carrier’s confirmation comes after multiple customers complained about losing access to their Visible accounts in posts made on Reddit and Twitter on Tuesday.

Customers said that hackers broke into their Visible accounts, changed login passwords, updated shipping addresses, and then bought and charged new smartphones to the hacked accounts.

On Wednesday, after more than a day of non-stop complaints, the carrier finally confirmed the hacks in a message sent to affected customers.

According to a copy of the message seen by The Record, the company claims that the account intrusions took place after hackers used login details from data breaches at other companies — also known as credential stuffing attacks.

Visible is aware of an issue in which some member accounts were accessed and/or charged without their authorization. As soon as we were made aware of the issue, we immediately initiated a review and started deploying tools to mitigate the issue and enable additional controls to further protect our customers.

Our investigation indicates that threat actors were able to access username/passwords from outside sources, and exploit that information to login to Visible accounts. If you use your Visible username and password across multiple accounts, including your bank or other financial accounts, we recommend updating your username/password with those services. 

Visible

The carrier is now asking users to change their passwords.

In addition, the company also announced updates to its purchasing process, which will now require specific user interaction.

Moving forward, any purchases will require you to re-validate your payment information as an added security measure. If there is a mistaken charge on your account, you will not be held accountable, and the charges will be reversed.

Visible

A Visible spokesperson told The Record that the company plans to notify attorney general offices across the US once it finishes its investigation.

The post Verizon-owned wireless carrier Visible confirms account hacks, denies breach appeared first on The Record by Recorded Future.

Source: Read More (The Record by Recorded Future)

You might be interested in …

[ZDNet] NSW Health confirms data breached due to Accellion vulnerability

All posts, ZDNet

NSW Health is the latest Australian government entity to confirm being impacted by a vulnerability in the Accellion file transfer system. Source: Read More (Latest topics for ZDNet in Security)

Read More

[SecurityWeek] Vermont Hospital Still Calculating Cost of Ransomware Attack

All posts, Security Week

Officials at Vermont’s largest hospital are still trying to determine the full financial impact of the cyberattack last October that knocked out computers affecting three hospitals in Vermont and three in New York. read more Source: Read More (SecurityWeek RSS Feed)

Read More

[SecurityWeek] Google Offers UK Watchdog Role in Browser Cookie Phase-Out

All posts, Security Week

Google is offering U.K. regulators a role overseeing its phasing out of ad-tracking technology from its Chrome browser, in a package of commitments the tech giant is proposing to apply globally to head off a competition investigation. read more Source: Read More (SecurityWeek RSS Feed)

Read More