Verizon gaffe lets customer details slip

By Joris Evers
Staff Writer, CNET News

Share
- Digg
- Del.icio.us
- Reddit
- Facebook
- Google
- Newsvine
- Yahoo! Bookmarks
- Twitter
- Stumbleupon
E-mail
Print

Related Stories: Theft of laptop puts thousands of identities at risk
August 11, 2006; VA laptop breach victims to get free ID monitoring
August 10, 2006; Coalition launches ID theft center
June 28, 2006; ZoneAlarm adds ID theft protection
June 5, 2006; Suffering in silence with data leaks
March 29, 2006; ID theft tops list of fraud complaints
January 25, 2006; Protecting cell phone users' privacy
January 20, 2006

Verizon Wireless this week accidentally distributed a file with limited details on more than 5,000 customers outside the company, potentially giving identity thieves a toehold.

The Microsoft Excel spreadsheet file was e-mailed on Monday and includes names, e-mail addresses, cell phone numbers and cell phone models of 5,210 Verizon Wireless customers, going by a copy of the file obtained by CNET News.com. All of the customers have Motorola Razr phones, according to the spreadsheet.

The spreadsheet was inadvertently sent to about 1,800 people, all Verizon Wireless subscribers, according to a follow-up e-mail apologizing for the gaffe that the mobile carrier sent on Thursday. The Excel file was attached to an ad for a Bluetooth wireless headset, instead of the electronic order form that was supposed to be sent.

"Verizon Wireless takes the security, confidentiality and integrity of your personal information very seriously, and we deeply regret this error," the company said in the Thursday e-mail. It said that it has already implemented additional quality control procedures and process improvements to prevent a re-occurrence.

A Verizon Wireless representative confirmed the incident, but could not immediately provide specific details when reached Friday afternoon.

The information in the document is limited and does not immediately expose those listed to fraud, the company said in its apology. Yet it recommends that people affected review their bills more carefully and add a password to their account by calling 1-866-861-5096.

While the privacy breach in no way makes identity theft automatic, it helps put a clever fraudster in the starting blocks, said James Van Dyke, the principal analyst at Javelin Strategy & Research in Pleasanton, Calif., which tracks identity fraud.

"To commit ID fraud, you must do several things well. This just makes the job slightly easier," he said. For example, with this list in hand, a fraudster could call the listed numbers, pretend to be a Verizon Wireless representative and ask the subscriber for information to update the account.

One Verizon Wireless customer whose details were included in the file said he was upset about the flap. "Someone just got incredibly careless sending out a sales e-mail," said Frank Donley of Fresno, Calif. "With all the privacy incidents you read about recently, I should feel relieved that my credit card number, Social Security number or some other secure info wasn't released."

See more CNET content tagged:
Verizon Wireless, Verizon Communications, quality control, identity fraud, spreadsheet

Add a Comment (Log in or register) 7 comments

Could'a, should'a...
by ml_ess August 28, 2006 9:48 AM PDT: Woops, they did it again..! This would be shocking news, if we didn't hear stories like this all the time... "Private data distributed to unauthorized parties! Risk of identity theft rampant!"

Lesson learned here: private businesses and government organizations need to invest in email anti-theft software that secures outbound email... which often contains customer data, employee information and other crucial corporate assets.
http://essentialsecurity.com/Documents/article10.htm; Reply to this comment

How DOES one just email 5,210 people?
by troob August 28, 2006 9:51 AM PDT: I'm a Verizon Wireless customer. And I'm wondering how DOES one only just email 5,210 people? I see no apology on VZW's web site acknowledging this mess, either. Perhaps time to get blankety-blank outta Dodge, Marshall Dillon.; Reply to this comment

What precautions are being taken?
by mveronica August 28, 2006 9:52 AM PDT: The article fails to explain what "additional quality control procedures and process improvements" are being implemented to "prevent a re-occurrence". If this means that the people who accidently attached the database to the email or going to a get a slap on the wrist and a warning that if it ever happens again, it's termination of employment, I would not be satisfied as a Verizon customer. You'd think that after the AOL incident, a red flag would go up to all companies who possess sensitive customer information. Hopefully, some kind of data encryption is being used so that if such documents accidently get attached again, the receivers will not be able to view it. This article provides some pointers for doing just that:

http://www.essentialsecurity.com/Documents/article9.htm; Reply to this comment View reply
Processing

responsibility
by ml_ess August 28, 2006 7:09 PM PDT: The problem here is still security. If a fraudster doesn't have a Social Security Number, but has gotten a hold of other information that a company like Verizon might have (name, address, bank account information), it could still be enough to inflict damage.
It's like saying "businesses should just not use laptops"... truth is, they'll continue using laptops and if not, carelessness will lead to security breaches anyway.
We can only hope that Verizon has learned its lesson (http://www.iwantmyess.com/?p=90) and will implement increased security measures in the email arena.; Reply to this comment

Worse!!
by kor17 August 30, 2006 11:32 AM PDT: I experienced a worse privacy violation just this week. I received an email from Verizon informing me that my application for a discount program was accepted. Attached to the email was a file that contained my personal data (images of my drivers license and check stub) along with the private data of 25 other people who applied to the discount program. So I'm sure at least 25 people receieved the same file. I contacted the Verizon store that was responsible but I haven't heard from them yet. Next step is contacting the Attorney General.; Reply to this comment

Latest tech news headlines

Secunia exploits security suites flaws
Posted in News - Security by Robert Vamosi

October 15, 2008 12:07 PM PDT
Eventful raises $10 million in Series C round
Posted in Webware by Don Reisinger

October 15, 2008 12:03 PM PDT
Facebook announces 25 developer grant finalists
Posted in The Social by Caroline McCarthy

October 15, 2008 11:30 AM PDT
See all headlines

Resource center from CNET News sponsors

You Need The Speed of Norton 2009

Introducing Norton Internet Security™2009

With one-click, one-minute install, under 8MB of memory usage and fewer, shorter scans, it's the fastest security suite anywhere. Norton. Smart Security, Engineered for Speed. Get a FREE trial today!

The Fastest Security Suite Anywhere

Experience the revolutionary Norton Internet Security™ 2009. With Norton™ Insight, a new feature, you get precision security that targets only at risk files for fewer, faster, shorter scans

Win a Trip to Space!*

Enter the Blast Off with Norton Sweepstakes for your shot at a trip to space. You could experience being fast and weightless, just like the new Norton 2009. *No purchase necessary; click for full details.

FREE Trial!

Act now to get your FREE trial of Norton Internet Security 2009. Try it for the protection. Love it for the speed

Norton Safe Web NEW!

A community-based system that rates web site safety

Norton Labs NEW!

Users can download new security technologies and share input directly with developers. Help us shape our future products!

RSS Feeds

Add headlines from CNET News to your homepage or feedreader.

More feeds available in our RSS feed index.

Inside CNET News

Scroll Left Scroll Right

Webware
Adobe fends off rivals with Flash Player 10
The incumbent power in rich Internet application technology just got a little more powerful. Flash Player 10 now has Silverlight 2 to reckon with, though.
Gallery
Photos: Solar business heats up the Golden State
The Open Road
Open source for president? Get real
We're voting for a president, not a software preference. There are bigger issues in front of the U.S. president than whether the government adopts open source.
Beyond Binary
Windows 7 equals some strange math
Although Windows 7 was also the product's code name, the forthcoming version of Windows is not Microsoft's seventh iteration, and it won't carry the version number 7.0.
Video
Apple laptop redesigns and a lower price
News - Digital Media
Who loves an economic crisis? Yahoo Finance
Sites with financial news and data saw record numbers of visitors in September, according to ComScore. Just wait for the October tally.
Video
Apple's latest MacBook Pro
The Social
Facebook announces 25 developer grant finalists
They now have a chance to apply for $225,000 in grant money in the FBFund developer competition's final round--but only if they successfully build the apps first.
News - Cutting Edge
'60 Minutes' video: Drone warfare in Iraq
UAVs like the Predator are a highly valued asset for the U.S. military as it pursues "fleeting and perishable" targets. Lesley Stahl reports.
Gallery
Photos: 'Popular Mechanics' breakthroughs
Webware
Eventful raises $10 million in Series C round
Event planning site, Eventful, raised $10 million in Series C funding in the hopes that it will expand internationally and become profitable. Will it work?
Green Tech
Home energy monitors getting wise to solar
SolarCity updates its solar panel monitoring software to include home electricity usage, while Open Energy is creating a touch-screen device to track energy usage and production.