Verizon Communications has reportedly notified authorities that it suffered an insider data breach after one of its unnamed employees gained unauthorized access to 63,206 employees' sensitive data.
According to a data breach notification that was given to the Office of the Maine Attorney General, on September 21, 2023, a Verizon employee obtained unauthorized access to a file that contained confidential employee data. It was only on December 12, 2023, almost three months after the incident, that Verizon became aware of the insider breach.
(Photo: Justin Sullivan/Getty Images)
SAN FRANCISCO, CALIFORNIA - JULY 21: A sign is posted on the exterior of a Verizon store on July 21, 2021 in San Francisco, California.
Verizon said that as soon as it became aware of the problem, it examined the pertinent file to identify the kinds of data that were affected. The unnamed worker reportedly gained access to a database containing private data on 63,206 workers, including full names, residential addresses, national identification numbers, Social Security numbers (SSNs), genders, union memberships, dates of birth, and pay details.
Looking ahead, Verizon said in its email notification that it is working to ensure that its technical controls are improved to prevent this kind of thing from happening again.
Verizon's Protective Measures
Thankfully, sources indicate that Verizon claims the data theft appears not to have affected consumer information. Furthermore, according to reports, Verizon said that while there aren't any signs of malicious exploitation or evidence that the data has been publicly disclosed, it is actively working to strengthen internal security to prevent future occurrences of this kind of incident.
As a protective measure, Verizon included information on how to sign up for a credit monitoring and identity theft protection service through Allstate Identity Protection for a period of two years with the breach notification email.
Allstate identification Protection is stated to offer thorough identification and financial monitoring to assist shield finances and personal information from threats like in Verizon's case. Victims may be eligible for complete service restoration and up to $1 million in costs and money returned.
Verizon spokesperson Rich Young stated in a statement that there was no sign of malicious intent, thus the company did not report it to the authorities.
Nonetheless, the company advised those who are impacted to keep an eye out for instances of fraud and identity theft by checking their account statements and free credit reports.
Verizon's Cybersecurity Woes
This incident follows after Verizon's subsidiary, Verizon Business Network Services, reportedly agreed to pay $4.1 million last September to settle claims made by the United States that it did not adhere to mandatory cybersecurity standards.
The settlement settles claims that a Verizon service, which offers secure internet connections and other external networks to federal agencies, did not fully comply with three cybersecurity requirements in contracts spanning from 2017 to 2021.
Over 150 million people in the United States reportedly receive internet, phone, and cable TV services from Verizon, an American media and telecommunications giant. The corporation generates 136.8 billion in a revenue year and employs about 117,000 people.
