Verizon is dealing with an incident where a hacker captured a database containing agency employee data including the full names of workers as well as their ID numbers, email addresses, and phone numbers. Motherboard reported that the database is legitimate as the anonymous hacker contacted them last week and they were able to verify the data by calling some of the numbers. The hacker is seeking $250,000 in exchange for not leaking the database and said they are in contact with Verizon. A Verizon spokesperson contacted motherboard confirming the incident saying a fraudster currently contacted us bullying to release willingly obtainable employee directory information in exchange for payment from Verizon. We do not believe the fraudster has any sensitive information and we do not plan to connect with the individual additional. As always we take the security of Verizon data very dangerously and we have strong measures in place to protect our people and systems. The hacker claims they nabbed the database by social engineering their way into distantly connecting to a Verizon employee’s computer. The hacker’s account in an email sent to vice is that they posed as internal support coerced the Verizon employee to permit remote access and then launched a script that copied data from the computer. The information that was stolen could still be harmful. If you’re ever had to get support from a carrier over the phone you might have had to deal with the different departments that handle activating your SIM card. If a purported hacker poses as an employee and spoofed their number as one from the database they could continue to use social engineering for SIM swapping fraud.
Read More: Hacker group leaks Microsoft source code for Bing and Cortana