fbpx
Frame-14

Privacy Ninja

        • DATA PROTECTION

        • CYBERSECURITY

        • Penetration Testing

          Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

Verizon Digital Carrier Visible Customer Accounts Were Hacked

Verizon Digital Carrier Visible Customer Accounts Were Hacked

Visible, a US digital wireless carrier owned by Verizon, admitted that some customer accounts were hacked after dealing with technical problems in the past couple of days.

The announcement was made on Visible’s official sub-reddit by an employee who said the company is investigating an incident that led to a small number of accounts being breached.

As the post mentions: “We’re currently investigating an incident where information on a small number of member accounts was changed without their authorization. We’re working hard to take protective steps to secure these accountsYou should review any other accounts that share the same email, login, or password, and make any changes you determine necessary to secure those accounts.”

Also Read: PDP Act (Personal Data Protection Act) Laws and Regulation

While the company’s statement provides limited details regarding the incident, the employee advised customers to secure accounts with credentials also used with other online services hinting at a potential credential stuffing attack.

The affected users noticed suspicious activity on their accounts and some report fraudulent card charges too, but they all claim inability to access the accounts and reset their passwords.

User complaining about Visible's inapplicable protection guidelines
User complaining about Visible’s inapplicable protection guidelines
Source: Reddit

Users are also dealing with a privacy breach, as the account dashboards contain sensitive personal details like names, home addresses, and payment details.

Unfortunately, any payment methods added to the account cannot be removed, and only new ones may be added. The old methods can be deleted after a new one has been added, verified, and selected as primary.

In the context of a data breach, this procedure is cumbersome and unhelpful in remediating the situation.

Visible says there was no breach

Visible says that none of its systems have been breached by hackers and advises customers to change their password and security questions out of an abundance of caution.

Although the firm presents this as a limited-scope incident, the fact that the official Twitter handle of Visible’s support has admitted technical issues with the chat platform is raising suspicions.

Members trying to reach us – we’re currently experiencing technical issues with our chat platform and are unable to make any changes to your account. We’re addressing this issue immediately. Please bear with us while our team rectifies the situation.

-Visible— Visible Care (@visiblecare) October 13, 2021

The above was posted a few hours ago, while the security update notice on Reddit came on Monday. This means that whatever is plaguing the services of Visible appears to be persistent and still ongoing.

Also Read: What Does Resolution Of Data Really Means

We have reached out to Verizon for a clarifying statement, but we have not heard back yet.

One crucial point raised by a large number of Visible users is the absence of two-factor authentication as a security option for protecting their accounts.

While 2FA isn’t the ultimate form of security, especially the SMS-based one, it could have provided effective protection against a mass-scale credential stuffing attack, assuming that this is what’s going on.

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us