Verizon wasn’t hacked, but customers who used the company’s customer support service in the past six months should take action to protect their accounts, as personal data may have been accessed by hackers.
The leak was discovered on June 8th by UpGuard, who disclosed it to Verizon five days later. On June 22nd the issue was fixed.
What happened was that a cloud server operated by Nice Systems was misconfigured, exposing personal data of millions of Verizon customers. That includes various details including names, street and email addresses, phone numbers, and PINs. That’s right, a hacker with this amount of info could easily wreak havoc into Verizon account, including messing with two-factor authentication. If you recycle that PIN for other uses, those accounts might be at risk as well.
Upguard says that some 14 million customers may have been exposed. Verizon says that 6 million customers may be affected. That’s still a lot of people.
It’s unclear if anybody stole the data from the server. As long as nobody accessed the data while it was exposed you should not see any consequences. That doesn’t mean you shouldn’t change your PIN right now, especially if it’s not unique. And while you’re at it, better check the recent activity in your Verizon account, and any other account protected by the same PIN, to make sure there was no abnormal behavior recently.