Check out all the on-demand sessions from the Intelligent Security Summit here.


(Reuters) – Verizon said an attacker had exploited a security vulnerability on its enterprise client portal to steal contact information of a number of customers.

The company said the attacker however did not gain access to Customer Proprietary Network Information (CPNI) or other data.

CPNI is the information that telephone companies collect including the time, date, duration and destination number of each call and the type of network a consumer subscribes to.

Krebs On Security, which first broke the news of the breach, said a member of a underground cybercrime forum had posted a new thread advertising the sale of a database containing the contact information on some 1.5 million customers of Verizon Enterprise.

Event

Intelligent Security Summit On-Demand

Learn the critical role of AI & ML in cybersecurity and industry specific case studies. Watch on-demand sessions today.

Watch Here

The seller priced the entire package at $100,000, but offered to sell it off in parts of 100,000 records for $10,000 apiece, Krebs added. (http://bit.ly/1S9C6Kc)

The vulnerability, which was investigated and fixed, did not leak any data on consumer customers, Verizon said in a statement on Thursday.

The company is currently notifying customers impacted by the breach.

(Reporting by Amrutha Penumudi in Bengaluru; Editing by Diane Craft and Cynthia Osterman)

VentureBeat's mission is to be a digital town square for technical decision-makers to gain knowledge about transformative enterprise technology and transact. Discover our Briefings.