updated 08:26 pm EST, Sat December 22, 2012
Verizon customer names, passwords said stolen
A hacker claims to have stolen more than three million customer entries from Verizon's database after hacking the carrier, and he has posted some 300,000 entries to a code-sharing site as proof. The hacker, who goes by the Twitter handle @TibitXimer, says he gained root access to Verizon's customer data servers in July of this year, having worked with an accomplice to identify a security flaw. TibitXimer also says that the customer data -- including account passwords, names, and addresses -- was stored in plain text, requiring no decryption.
TibitXimer revealed his haul today to ZDNet, claiming saying he has access to more than three million customers' names, mobile serial numbers, account passwords, and other information. The hacker says he has no idea exactly how many records he nabbed in total, and that the three million figure is a low estimate calculated from the size of one record and the total size of all the files.
Tibit says that the carrier ignored him when he alerted them to the security vulnerability, and he posted the information to code-sharing site Pastebin after Verizon failed to address the security flaw. He has not committed to leaking the rest of the customer files, though he has left open the possibility of doing so.