A hack has exposed the data of an estimated 1.5 million Verizon Enterprise Solutions customers, the carrier confirmed.
The breach comes as a blow to the Verizon unit, which is itself a provider of IT security and incident response support for Fortune 500 companies.
According to Verizon, the hack exposed the “basic contact information” of impacted enterprise clients but “no customer proprietary network information (CPNI) or other data was accessed or accessible.” No data from the carrier’s consumer customers was exposed in the attack, Verizon said.
The carrier said it has already located and fixed the exploited vulnerability in its online enterprise client portal. Verizon said it is currently notifying impacted customers.
Originally revealed by security journalist Brian Krebs on his site KrebsOnSecurity, the hack reportedly saw the information of more than one million Verizon Enterprise customers posted for sale in a “closely guarded underground cybercrime forum.”
According to Krebs, the information was being sold as a single database chunk for $100,000 or in sections of 100,000 records for $10,000 each. The hacker was also offering to sell information about security weaknesses on Verizon’s website, Krebs reported.