August 25, 2006 5:11 PM PDT

Verizon gaffe lets customer details slip

By Joris Evers
Staff Writer, CNET News

Share
- Digg
- Del.icio.us
- Reddit
- Facebook
Email
Print

Related Stories: Theft of laptop puts thousands of identities at risk
August 11, 2006; VA laptop breach victims to get free ID monitoring
August 10, 2006; Coalition launches ID theft center
June 28, 2006; ZoneAlarm adds ID theft protection
June 5, 2006; Suffering in silence with data leaks
March 29, 2006; ID theft tops list of fraud complaints
January 25, 2006; Protecting cell phone users' privacy
January 20, 2006

Verizon Wireless this week accidentally distributed a file with limited details on more than 5,000 customers outside the company, potentially giving identity thieves a toehold.

The Microsoft Excel spreadsheet file was e-mailed on Monday and includes names, e-mail addresses, cell phone numbers and cell phone models of 5,210 Verizon Wireless customers, going by a copy of the file obtained by CNET News.com. All of the customers have Motorola Razr phones, according to the spreadsheet.

The spreadsheet was inadvertently sent to about 1,800 people, all Verizon Wireless subscribers, according to a follow-up e-mail apologizing for the gaffe that the mobile carrier sent on Thursday. The Excel file was attached to an ad for a Bluetooth wireless headset, instead of the electronic order form that was supposed to be sent.

"Verizon Wireless takes the security, confidentiality and integrity of your personal information very seriously, and we deeply regret this error," the company said in the Thursday e-mail. It said that it has already implemented additional quality control procedures and process improvements to prevent a re-occurrence.

A Verizon Wireless representative confirmed the incident, but could not immediately provide specific details when reached Friday afternoon.

The information in the document is limited and does not immediately expose those listed to fraud, the company said in its apology. Yet it recommends that people affected review their bills more carefully and add a password to their account by calling 1-866-861-5096.

While the privacy breach in no way makes identity theft automatic, it helps put a clever fraudster in the starting blocks, said James Van Dyke, the principal analyst at Javelin Strategy & Research in Pleasanton, Calif., which tracks identity fraud.

"To commit ID fraud, you must do several things well. This just makes the job slightly easier," he said. For example, with this list in hand, a fraudster could call the listed numbers, pretend to be a Verizon Wireless representative and ask the subscriber for information to update the account.

One Verizon Wireless customer whose details were included in the file said he was upset about the flap. "Someone just got incredibly careless sending out a sales e-mail," said Frank Donley of Fresno, Calif. "With all the privacy incidents you read about recently, I should feel relieved that my credit card number, Social Security number or some other secure info wasn't released."

See more CNET content tagged:
Verizon Wireless, Verizon Communications, quality control, identity fraud, spreadsheet

Add a Comment (Log in or register) 7 comments

Could'a, should'a...
by ml_ess August 28, 2006 9:48 AM PDT: Woops, they did it again..! This would be shocking news, if we didn't hear stories like this all the time... "Private data distributed to unauthorized parties! Risk of identity theft rampant!"

Lesson learned here: private businesses and government organizations need to invest in email anti-theft software that secures outbound email... which often contains customer data, employee information and other crucial corporate assets.
http://essentialsecurity.com/Documents/article10.htm; Reply to this comment

How DOES one just email 5,210 people?
by troob August 28, 2006 9:51 AM PDT: I'm a Verizon Wireless customer. And I'm wondering how DOES one only just email 5,210 people? I see no apology on VZW's web site acknowledging this mess, either. Perhaps time to get blankety-blank outta Dodge, Marshall Dillon.; Reply to this comment

What precautions are being taken?
by mveronica August 28, 2006 9:52 AM PDT: The article fails to explain what "additional quality control procedures and process improvements" are being implemented to "prevent a re-occurrence". If this means that the people who accidently attached the database to the email or going to a get a slap on the wrist and a warning that if it ever happens again, it's termination of employment, I would not be satisfied as a Verizon customer. You'd think that after the AOL incident, a red flag would go up to all companies who possess sensitive customer information. Hopefully, some kind of data encryption is being used so that if such documents accidently get attached again, the receivers will not be able to view it. This article provides some pointers for doing just that:

http://www.essentialsecurity.com/Documents/article9.htm; Reply to this comment View reply
Processing

responsibility
by ml_ess August 28, 2006 7:09 PM PDT: The problem here is still security. If a fraudster doesn't have a Social Security Number, but has gotten a hold of other information that a company like Verizon might have (name, address, bank account information), it could still be enough to inflict damage.
It's like saying "businesses should just not use laptops"... truth is, they'll continue using laptops and if not, carelessness will lead to security breaches anyway.
We can only hope that Verizon has learned its lesson (http://www.iwantmyess.com/?p=90) and will implement increased security measures in the email arena.; Reply to this comment

Worse!!
by kor17 August 30, 2006 11:32 AM PDT: I experienced a worse privacy violation just this week. I received an email from Verizon informing me that my application for a discount program was accepted. Attached to the email was a file that contained my personal data (images of my drivers license and check stub) along with the private data of 25 other people who applied to the discount program. So I'm sure at least 25 people receieved the same file. I contacted the Verizon store that was responsible but I haven't heard from them yet. Next step is contacting the Attorney General.; Reply to this comment

Latest tech news headlines

What you can--and can't--find about Palin on the Internet
Posted in News - Politics and Law by Stephanie Condon

September 4, 2008 10:20 PM PDT
Michael Moore plans Net-only film premiere
Posted in News - Digital Media by Steven Musil

September 4, 2008 9:20 PM PDT
McCain talks up oil drilling, green energy
Posted in News - Politics and Law by Declan McCullagh

September 4, 2008 9:11 PM PDT

RSS Feeds

Add headlines from CNET News to your homepage or feedreader.

More feeds available in our RSS feed index.

Inside CNET News

Scroll Left Scroll Right

Nanotech: The Circuits Blog
Timing rumors surface for AMD plant spin-off
Rumors persist that Advanced Micro Devices is planning to spin off all or part of its manufacturing operations.
Gallery
Photos: Ron Paul's RNC alternative
As the Republican convention took place just miles away, a crowd rallied for the former presidential candidate and his message of limited government, ensured civil liberties, lower taxes, and peace.
Digital Noise: Music and Tech
Was 1980s music that bad?
NPR asks listeners which year featured the best music, and the 1980s emerge as a bleak era. Personally, the '80s figure prominently in my collection, but well behind the 1970s.
Beyond Binary
Microsoft begins big ad push
Microsoft's multi-year push, estimated at $300 million, begins with a spot featuring Bill Gates and Jerry Seinfeld aired during Thursday's NFL game.
Video
YouTube plays party politics
During the presidential campaigning four years ago, YouTube didn't even exist. Now it's a tool candidates must master to get their message across. CNET's Kara Tsuboi stops by the YouTube upload booths at the Democratic and Republican conventions to find out why Google's video site has such a big presence in Denver and St. Paul, Minn.
News - Digital Media
Michael Moore plans Net-only film premiere
Filmmaker plans to premiere his latest documentary exclusively on the Internet for free, forgoing the traditional theatrical release.
Video
Political party playlists
We know the Democrats and Republicans are split over policy issues, but does their musical taste fall down party lines too? And what kind of gadgets did they bring to the conventions to listen to their music? CNET reporter Kara Tsuboi finds out.
News - Politics and Law
What you can--and can't--find about Palin on the Internet
John McCain's choice of Sarah Palin as a running mate has inspired a wealth of creativity on the Internet.
News - Cutting Edge
Execs predict next Google-like tech
On eve of company's 10-year anniversary, researchers and business pundits speculate about what technologies might someday have as much impact as Google.
Gallery
Photos: The brains behind Google Chrome
Here's a look at some of the engineers and executives who took the stage at the company's headquarters as they unveiled the new browser.
Crossfade
Ying Yang Twins, 'Look Back At It': Free MP3 of the Day
This amped-up duo gets the party started with a mix of crisp, Southern hip-hop beats and shout-along rhymes. Download a free MP3 of "Look Back At It" courtesy of CNET Download Music.
Green Tech
Clean-tech group forms to support Obama
"Clean Tech and Green Business for Obama" aims to raise $1 million for the Democratic presidential nominee while elevating issues of climate change and alternative energy.