UpGuard reported discovering up to 14 million Verizon customer details were available to download by anyone who could guess a web address. Verizon has since clarified it was 6 million.
UpGuard traced the data back Nice Systems‘ Israel headquarters. Nice Systems provides both back-office and call center operations systems for Verizon.
ZDNet reported the data was collected from customer calls and stored by Nice Systems so that it can be analyzed to help improve the customer service experience. The log files created contain the last six months of customer call data.
UpGuard informed Verizon of the security risk on June 13, but it wasn’t fixed until June 22.
In a press release, Verizon responded to the data risk saying:
“We have been able to confirm that the only access to the cloud storage area by a person other than Verizon or its vendor was a researcher who brought this issue to our attention. In other words, there has been no loss or theft of Verizon or Verizon customer information……”
“The overwhelming majority of information in the data set had no external value, although there was a limited amount of personal information included, and in particular, there were no Social Security numbers or Verizon voice recordings in the cloud storage area.”