Man
Professional
- Messages
- 3,079
- Reaction score
- 615
- Points
- 113
A Push-to-Talk hack exposed sensitive data of important Verizon customers.
Hackers hacked Verizon's service provider and stole data related to the Push-to-Talk (PTT) system that the company offers to government agencies and first responders. The data is now being sold on a hacker forum, as reported by 404 Media.
Verizon's main network, which is used by ordinary consumers, was not affected. The hack affected only a third-party system used for internal communications in companies and government agencies. While the leak is smaller in scale than the recent AT&T or T-Mobile incidents, it raises questions about data protection at telecommunications companies.
Verizon's PTT system allows employees to communicate individually or with groups of up to thousands of people. The service is used not only by businesses, but also by government organizations such as NASA and the US Army, although their contracts with Verizon were signed about 10 years ago.
On the XSS forum, the hackers indicated that they had gained access to the accounts of system administrators, several critical servers and other infrastructure. The amount of stolen information exceeds 900 GB, and the data includes call logs, emails, phone numbers, and addresses. Hackers estimated the stolen data at $200,000.
The cybercriminals have confirmed that the data does indeed belong to Verizon. Although the attackers showed some samples, they refused to provide information with names and addresses.
One of the hackers, known as Judische, has previously carried out attacks on critical infrastructure and telecommunications companies, such as AT&T and Ticketmaster. Judische refers to the Community (Com) criminal community, whose members are engaged in fraud and data theft using cryptocurrency schemes. Many of them start out in online games like Minecraft and Roblox and move on to hacking big companies over time. Com's activities sometimes overlap with the Scattered Spider group, which has carried out several major attacks on American companies in recent years, including MGM Resorts in 2023.
Verizon representatives confirmed that there was a hack of a third-party provider, but the leak did not affect sensitive information, including social security numbers (SSNs) or financial data of customers. The Verizon team has already worked to strengthen security in the supplier's system.
Previously, based on the collected data, Mandiant was able to form a more complete picture of the hacker's personality. Judische is a young man in his early 20s, presumably from Canada, who is passionate about video games and "catgirls" (a popular image in anime), and can also stay awake for days when hacking via Telegram.
Source
Hackers hacked Verizon's service provider and stole data related to the Push-to-Talk (PTT) system that the company offers to government agencies and first responders. The data is now being sold on a hacker forum, as reported by 404 Media.
Verizon's main network, which is used by ordinary consumers, was not affected. The hack affected only a third-party system used for internal communications in companies and government agencies. While the leak is smaller in scale than the recent AT&T or T-Mobile incidents, it raises questions about data protection at telecommunications companies.
Verizon's PTT system allows employees to communicate individually or with groups of up to thousands of people. The service is used not only by businesses, but also by government organizations such as NASA and the US Army, although their contracts with Verizon were signed about 10 years ago.
On the XSS forum, the hackers indicated that they had gained access to the accounts of system administrators, several critical servers and other infrastructure. The amount of stolen information exceeds 900 GB, and the data includes call logs, emails, phone numbers, and addresses. Hackers estimated the stolen data at $200,000.
The cybercriminals have confirmed that the data does indeed belong to Verizon. Although the attackers showed some samples, they refused to provide information with names and addresses.
One of the hackers, known as Judische, has previously carried out attacks on critical infrastructure and telecommunications companies, such as AT&T and Ticketmaster. Judische refers to the Community (Com) criminal community, whose members are engaged in fraud and data theft using cryptocurrency schemes. Many of them start out in online games like Minecraft and Roblox and move on to hacking big companies over time. Com's activities sometimes overlap with the Scattered Spider group, which has carried out several major attacks on American companies in recent years, including MGM Resorts in 2023.
Verizon representatives confirmed that there was a hack of a third-party provider, but the leak did not affect sensitive information, including social security numbers (SSNs) or financial data of customers. The Verizon team has already worked to strengthen security in the supplier's system.
Previously, based on the collected data, Mandiant was able to form a more complete picture of the hacker's personality. Judische is a young man in his early 20s, presumably from Canada, who is passionate about video games and "catgirls" (a popular image in anime), and can also stay awake for days when hacking via Telegram.
Source
