Skip to content
Thoughtful, detailed coverage of everything Apple for 28 years
and the TidBITS Content Network for Apple professionals
2 comments

[Updated] Verizon Users: Change Your PIN Immediately

In the latest piece of high-profile security news, PINs associated with 6 million Verizon accounts were exposed on an unsecured server, along with subscriber names. The information came from call logs from landline customers who had contacted Verizon customer service in the last 6 months. Verizon asks for a PIN when you call in to make account changes, so an attacker with that information could not only make unwanted changes to your account, but also hijack your account in such a way as to intercept text messages used for two-factor authentication. (Better 2FA options include a system like Apple’s, which relies on an Apple-managed communications channel to devices you own, or an authenticator app like Google Authenticator, Authy, or 1Password.) If you use Verizon and particularly if you know you have contacted the company recently, log in to your Verizon account or call Verizon to change your PIN as soon as possible.

[Update: Verizon has now issued a statement clarifying that the information was exposed, but not accessed by anyone other than the security researcher who reported the problem. Verizon took pains to note that the data was unrelated to Verizon Wireless, and that the information came from landline customers, contained only a limited number of cell phone numbers for contact purposes, and could not be used on its on to make account changes, rendering the two-factor authentication worry moot.]

Read original article

Subscribe today so you don’t miss any TidBITS articles!

Every week you’ll get tech tips, in-depth reviews, and insightful news analysis for discerning Apple users. For 28 years, we’ve published professional, member-supported tech journalism that makes you smarter.

Registration confirmation will be emailed to you.

Comments About [Updated] Verizon Users: Change Your PIN Immediately