Around 14 million Verizon customers’ sensitive data was exposed online because a third-party contractor forgot to limit external access to an Amazon S3 server.
The server belongs to NICE Systems, an Israeli tech company involved in supplying software for back-office and call centre operations, according to UpGuard, a cyber-security company that discovered the leak.
Bleeping Computer explains how the server and its data were accessible, and that details such as Verizon customer names, addresses, account details, and for some account PINs, were accessed from January 2017 through June 2017.
Moreover, data from French mobile operator Orange was also exposed as the same NICE Systems server contained data from the mobile telco, but unlike the Verizon data, the Orange folder contained what appeared to be internal files, not as sensitive as the data stored in the Verizon directory, the online publication continues.
Experts say they contacted Verizon and NICE on June 13, when they discovered the server, but the leak was fixed nine days later on June 22.
Source: The Paypers