On the list...
They're on my list of companies I'm very glad I've never done business with. Not that they weren't already there or anything.
“to authenticate a customer calling our wireline call center, but do not provide online access to customer accounts.”
Wasn't there just a story about a TelCo allowing someone even without the proper passcode to request a service change to another persons account, effectively re-directing calls and SMS to the imposter's own phone, bypassing weak SMS authentication?
So if someone had my phone number, name, and PIN, they could do dangerous things to the account, correct, perhaps even force a reset of my online password?
Didn't read article, came to comment that the header image needs be used in all cases like this.
Irony - look it up.
And Verizon bought Yahoo. There's a prime example that the universe has a sense of humor.
Love the PR corporate'eez...
Written by a wanker who has self-entitlement issues regarding people's data, but who also shirks any responsibility. So what was this outfit doing with this data? Feeding it into some election deepmind to manipulate the population once again, but then leaving the data fully exposed later anyway?
The statement from NICE was incoherent - is that a new communication strategy?
"The statement from NICE was incoherent - is that a new communication strategy?"No not really. Listened to any politicians explaining why the back-doors they are calling for aren't really back-doors?
Can I say "I told you so"?
I personally told Verizon not to put their sensitive customer information onto AWS ... but did they listen ... NOOOOOOoooooooo. I don't expect this to be the last time something like this happens.
Title is in reverse..
14 MEEELLION telco subscribers data leaked from crappily configured Amazon Web Services. Clients happen to be Verizon subscribers'. Are any other telco's involved?
NICE to see you
To see you NICE.
"although the large majority of those were hashed"
It was either hashed or it wasn't there is no in between. You don't purposely write code to check if sensitive data is hashed before using it, you salt and hash it all.
Nice have recently moved their support to India and South America. No idea if this is relevant or they're to blame but we've noticed the support from them go from poor to crap.