Verizon’s Visible cell customers hacked, leading to unauthorized purchases

By | October 14, 2021
Verizon’s Visible cell customers hacked, leading to unauthorized purchases

Numerous Visible Wireless subscribers are reporting that their accounts were hacked this week. Visible runs on Verizon’s 5G and 4G LTE networks and is owned by Verizon.

Suspicions of a data breach at Visible started Monday when some customers saw unauthorized purchases on their accounts:

On the Visible subreddit, users reported seeing unauthorized orders placed from their accounts:

Visible customer: "Got hacked yesterday, order still shipped!!!"
Enlarge / Visible customer: “Got hacked yesterday, order still shipped!!!”

Social media was also full of reports of customers not receiving a response from Visible for days:

Credential stuffing likely, company says

In an email sent to customers and posted publicly yesterday, Visible shared what it believes caused the hacks.

“We have learned of an incident wherein information on some member accounts was changed without their authorization. We are taking protective steps to secure all impacted accounts and prevent any further unauthorized access,” said Visible in the announcement. “Our investigation indicates that threat actors were able to access username/passwords from outside sources and exploit that information to log in to Visible accounts. If you use your Visible username and password across multiple accounts, including your bank or other financial accounts, we recommend updating your username/password with those services.”

The company’s wording suggests that customer credentials were obtained from a third-party leak or breached database and then used to access customer accounts, a practice known as credential stuffing. The company advises customers to reset passwords and security information and will prompt users to re-validate payment information before further purchases can be made.

But an expert has cast doubts on the credential-stuffing theory, noting that Visible admitted in a tweet to “technical issues” with its chat platform this week, with the company briefly unable to make any changes to customer accounts. Visible has since deleted its tweet.

Did Visible know since last week?

Although Visible made a public statement yesterday, the company first acknowledged the issue on Twitter on October 8. At the time, Visible provided a vague reason: order confirmation emails erroneously sent out by the company.

“We’re sorry for any confusion this may have caused! There was an error where this email was sent to members, please disregard it,” the company told a customer.

Visible initially responded to concerns on October 8.
Enlarge / Visible initially responded to concerns on October 8.

One Visible customer reacted angrily to the delay, saying, “This response is completely irresponsible, given the fact that you are currently under attack and are aware of MANY users that have had their accounts compromised.”

Visible says customers won’t be held liable for any unauthorized charges. “If there is a mistaken charge on your account, you will not be held accountable, and the charges will be reversed,” the company said.

Visible customers impacted by the incident should monitor for suspicious transactions and change their passwords, both on their Visible account and any other websites where they have used the same credentials.

Source