Contents:
An insider data breach at Verizon has compromised the personal information of more than 63,000 employees, nearly half of the company’s global workforce.
The telecommunications giant disclosed the incident in a Data Breach Notification with the Office of the Maine Attorney General, revealing that the breach occurred around September 21, 2023, due to unauthorized access by an employee.
How was the breach discovered and what information was compromised?
Although the breach occurred in September, Verizon uncovered it nearly three months later, on December 12, 2023.
The compromised information includes:
- employees’ full names
- street addresses
- Social Security numbers
- National ID
- Gender
- Union affiliation
- Date of birth
- Compensation information
Verizon assures that there is no evidence of misuse or external sharing of the impacted information, according to SEC Alerts.
In response to the breach, Verizon has offered free identity protection and credit monitoring services to the affected employees for two years.
The company also recommends that employees vigilantly monitor their credit reports and review account statements to detect any irregularities.
Verizon is a leading global telecommunications company with 117,000 employees across 150+ countries and global revenues of $134 billion in 2023.
Insider threat mitigation
An insider breach occurs when individuals within an organization misuse their access to sensitive information, leading to potential loss of customers, reputational damage, and legal penalties.
It can be intentional or accidental, as shown in the graphic below.
The Cost of Insider Threat (Ponemon Institute, 2022)
To prevent insider threat breaches, companies should:
- Increase employee security awareness and training.
- Implement strict access control measures and the principle of least privilege.
- Implement comprehensive, end-to-end security solutions.
- Protect data with encryption and secure storage.
- Establish a comprehensive incident response plan.
Internal vigilance and expert help
This type of breach reminds us how complex cybersecurity threats can be, and how important is to create a culture of security within your company.
Embrace the support of managed security service providers for their tech savvy and round-the-clock vigilance.
Combine this with strong cybersecurity solutions and a commitment to keeping your team informed and alert.
Together, these strategies form a powerful alliance, ensuring your business remains secure in a world where threats can come from anywhere—even from within.
If you liked this piece, follow us on LinkedIn, Twitter, Facebook, and YouTube for more cybersecurity news and topics.