[TheRecord] Verizon-owned wireless carrier Visible confirms account hacks, denies breach

Visible, an all-digital wireless service provider based in the US and owned by Verizon, confirmed today that hackers gained access to customer accounts, but the company denied any breach of its backend infrastructure.

The carrier’s confirmation comes after multiple customers complained about losing access to their Visible accounts in posts made on Reddit and Twitter on Tuesday.

Customers said that hackers broke into their Visible accounts, changed login passwords, updated shipping addresses, and then bought and charged new smartphones to the hacked accounts.

On Wednesday, after more than a day of non-stop complaints, the carrier finally confirmed the hacks in a message sent to affected customers.

According to a copy of the message seen by The Record, the company claims that the account intrusions took place after hackers used login details from data breaches at other companies — also known as credential stuffing attacks.

Visible is aware of an issue in which some member accounts were accessed and/or charged without their authorization. As soon as we were made aware of the issue, we immediately initiated a review and started deploying tools to mitigate the issue and enable additional controls to further protect our customers.

Our investigation indicates that threat actors were able to access username/passwords from outside sources, and exploit that information to login to Visible accounts. If you use your Visible username and password across multiple accounts, including your bank or other financial accounts, we recommend updating your username/password with those services. 

Visible

The carrier is now asking users to change their passwords.

In addition, the company also announced updates to its purchasing process, which will now require specific user interaction.

Moving forward, any purchases will require you to re-validate your payment information as an added security measure. If there is a mistaken charge on your account, you will not be held accountable, and the charges will be reversed.

Visible

A Visible spokesperson told The Record that the company plans to notify attorney general offices across the US once it finishes its investigation.

The post Verizon-owned wireless carrier Visible confirms account hacks, denies breach appeared first on The Record by Recorded Future.

Source: Read More (The Record by Recorded Future)

You might be interested in …

[SecurityWeek] Hacker Dubbed ‘Mr White Hat’ to Return Entire Stolen Crypto Fortune

All posts, Security Week

A firm specializing in transferring cryptocurrency said Thursday that a hacker they are calling “Mr White Hat” was giving back all $613 million in digital loot from a record haul. Poly Network had put out word previously that nearly half of the digital assets swiped early this week had been returned. read more Source: Read […]

Read More

[HackerNews] Researchers Uncover New Android Spyware With C2 Server Linked to Turla Hackers

All posts, HackerNews

An Android spyware application has been spotted masquerading as a “Process Manager” service to stealthily siphon sensitive information stored in the infected devices. Interestingly, the app — that has the package name “com.remote.app” — establishes contact with a remote command-and-control server, 82.146.35[.]240, which has been previously identified as infrastructure belonging to the Source: Read More […]

Read More

[ThreatPost] Linux-Focused Cryptojacking Gang Tracked to Romania

All posts, ThreatPost

The gang is using a new brute-forcer – “Diicot brute” – to crack passwords on Linux-based machines with weak passwords. Source: Read More (Threatpost)

Read More