Friday, September 22, 2017

New Verizon leak exposed confidential data on internal systems


Security researchers have found yet another data exposure at Verizon.

Security researchers at the Kromtech Security Research Center found confidential and sensitive documents, including server logs and several instances of credentials for internal systems, on an unprotected Amazon S3 storage server controlled by a Verizon Wireless customer.

The server contained several files, mostly scripts and server logs -- some of which appeared to show usernames and passwords to internal systems.

Other folders contained internal Verizon documents, many of which were marked "confidential and proprietary materials," including detailed server and infrastructure maps, server IP addresses, global router hosts, and several scripts that could be used to gain elevated privileges within the system.

A portion of the files were shared with ZDNet for verification.

The files largely appear to refer to internal Verizon Wireless systems, known as Distributed Vision Services (DVS), a middleware system that's used to deliver data from the back-end of the company to the front-end applications used by employees and staff in stores and at call centers, such as point-of-sale services and customer data portals.

According to one of the slide decks, DVS volume averages more than one billion transactions per day.

It's not clear why the confidential documents were stored on a public server. The employee who ran the server, who we are not naming, told ZDNet on the phone Thursday that the files were "not confidential," and said that Verizon was fully aware of the server's existence.

Following a private disclosure, the server is no longer accessible.

Although no customer data was involved, the information could help attackers learn the layout of the company's systems. It's not known if anyone else beyond the security researchers accessed the bucket.

It's another embarrassing incident for Verizon -- the third known exposure in two years.

The first led to the theft of 1.5 million records at Verizon Enterprise Solutions. The second was found just a few weeks ago as a result of a similar Amazon server misconfiguration. As many as 14 million subscribers were affected.

A Verizon spokesperson said the company's security team is "aware," but had no details to share at the time of publication.

Contact me securely

Zack Whittaker can be reached securely on Signal and WhatsApp at 646-755-8849, and his PGP fingerprint for email is: 4D0E 92F2 E36A EC51 DAAE 5D97 CB8C 15FA EB6C EEA5.




from Latest Topic for ZDNet in... http://ift.tt/2xXBNDM
