Last week, Motherboard reported that a hacker had acquired a database full of private data about Verizon employees. The database included full names, email addresses, corporate ID numbers, and phone numbers. After getting their hands on the data, the hacker contacted Motherboard to share the information from the database.
Verizon hacker demands $250,000 ransom
In order to verify the leak, Motherboard called some of the numbers in the database.
Four people that answered the phone confirmed their names, email addresses, and Verizon employment. Another said they previously worked for the company. Several others returned voicemails that matched up with the names in the database.
The hacker claims to have obtained the data by “convincing a Verizon employee to give them remote access to their corporate computer.” After that, they accessed a Verizon internal tool containing all of the data mentioned above. They wrote a script to scrape the data, and then walked away with a treasure trove of private company information.
“These employees are idiots and will allow you to connect to their PC under the guise that you are from internal support,” the hacker told Motherboard.
The hacker also shared a screenshot of an email they’d sent to Verizon with Motherboard, in which they told the carrier to “respond with an offer not to leak you’re [sic] entire employee database.” They want Verizon to pay them $250,000 as a reward.
Verizon’s response to the hack
A Verizon spokesperson shared the following statement with Motherboard:
A fraudster recently contacted us threatening to release readily available employee directory information in exchange for payment from Verizon. We do not believe the fraudster has any sensitive information and we do not plan to engage with the individual further. As always, we take the security of Verizon data very seriously and we have strong measures in place to protect our people and systems.
It’s true that the database didn’t contain sensitive information like Social Security Numbers, credit card numbers, or passwords. With that said, Motherboard points out that hackers and scammers could still make use of the information. They could target the employees in the database or impersonate them to access truly sensitive information.
Verizon does not appear to be interested in negotiating with the hacker. Therefore, the database might show up online in the near future.