14 October 2021

Verizon’s Visible confirms some customer accounts were hacked


Verizon’s Visible confirms some customer accounts were hacked

Visible, a US all-digital wireless carrier owned by Verizon, has confirmed that some customer accounts were breached after threat actors obtained password and login information fr om “outside sources.”

The confirmation comes after some customers complained on social media earlier in the week that their Visible accounts were hijacked. According to users, hackers reset the email address associated with the account to lock them out, and, in some cases, even ordered phones using their payment information.

“My account got hacked and they shipped out a [sic] iPhone 13 worth 1k that was taken from my PayPal,” one Reddit user wrote.

“I literally signed up for Visible yesterday, and bought a [sic] $812 iPhone through their website. I woke up to an email this morning telling me that the email address associated with my account has been changed. […] 7 hours later I got an email saying the shipping address on my account has been changed, and no, I still wasn’t able to log in,” according to another user.

Starting on Monday, multiple customers on both Twitter and Reddit reported that they’d been getting emails from Visible about changed passwords and addresses.

On October 13, the company issued a statement on Twitter, wh ere it said that:

“We're aware of an issue in which some member accounts were accessed and/or charged without their authorization. As soon as we were made aware of the issue, we initiated a review & deployed tools to mitigate the issue, enabling additional controls to further protect our members.”

The company went on to say that the investigation showed that the attackers obtained login info from “outside sources” and used it to login to Visible accounts.

“We don't believe that any Visible systems have been breached or compromised, nor that this unauthorized access to your Visible account is ongoing. However, for your protection, we recommend you review your account contact information and change your password and security questions to your Visible account. We also recommend that you review any other accounts that share the same email, login, or password, and make any changes you determine necessary to secure those accounts,” wrote a Visible employee on Reddit.

Visible is now asking customers to change their passwords. On the downside, it should be noted that the company does not implement two-factor authentication (2FA).

“If you use your Visible username & password across multiple accounts, including your bank/financial accounts, we recommend updating your username/password with those services. Reminder: Visible will never call & ask for your password, secret questions or account PINs.”


Back to the list

Latest Posts

LightBasin hackers compromised 13 global telecoms in just two years

LightBasin hackers compromised 13 global telecoms in just two years

LightBasin is active since at least 2016 and is focused on Linux and Solaris servers, only interacting with Windows systems as needed.
20 October 2021
Suspected Chinese hackers reportedly hit 9 Israeli hospitals

Suspected Chinese hackers reportedly hit 9 Israeli hospitals

Attempted attacks come days after a massive ransomware attack on Hillel Yaffe Medical Center, attributed to the DeepBlueMagic group.
19 October 2021
State-sponsored hackers target orgs in South Asia with custom backdoor

State-sponsored hackers target orgs in South Asia with custom backdoor

Harvester has been observed using both custom malware and publicly available tools, such as Cobalt Strike Beacon and Metasploit, in their attacks.
19 October 2021