Verizon accounts come in a few different forms: contract accounts and Verizon prepaid accounts. Contract accounts are where the customer signs on for service on a yearly or more basis, and Verizon prepaid accounts typically are on a month-to-month basis.
Verizon prepaid customers typically like the freedom and flexibility of not being tethered to a long contract, but some of those Verizon prepaid customers have had their accounts breached. Verizon did not disclose the number of accounts affected, but Verizon prepaid customers were notified of the breach. Here’s what the company had to say about the security breach.
“We determined that between October 6 and October 10, 2022, a third-party actor accessed the last four digits of the credit card used to make automatic payments on your account. Using the last four digits of that credit card, the third party was able to gain access to your Verizon account and may have processed an unauthorized SIM card change on the prepaid line that received the SMS linking to this notice. If a SIM card change occurred, Verizon has reversed it.”
Verizon also says it blocked any further access to Verizon prepaid accounts, and there was no evidence that the activity was still occurring.
Szilveszter Szebeni, CISO and the co-founder of email encryption-based security solutions company Tresorit said this about the incident.
“While Verizon seems to have handled the breach well, this is another example of how SMS 2-factor authentication can be hacked using unauthorized SIM swapping. Users should not fall back on SMS 2 factor for security while reusing passwords. The use of a password manager and using a unique password for each service is still rule number one.”
What do you think of this security incident? Are you a Verizon prepaid customer? Please share your thoughts on any of the social media pages listed below. You can also comment on our MeWe page by joining the MeWe social network. Be sure to subscribe to our RUMBLE channel as well!
Last Updated on October 20, 2022.