(LiveHacking.Com) – There seems to be some confusion about the activities of a hacker known as TibitXimer who claims to have stolen at least 3 million customer records from Verizon. Having stolen the data the hacker posted around 10 per cent of them online citing Verizon’s indifference to fixing a security flaw which the hacker had reported to the cellular giant.
The confusion has arisen over the validity of his claims because of several subsequent events. First Verizon spokesperson Alberto Canal has told ZDNet that the company has examined the posted data and can confirm that it is not customer data from Verizon Wireless. Second the posted data has now disappeared from Pastebin where is was originally published. And thirdly, the hacker’s Twitter account has been deleted.
In the original post to Pastebin (which is at the time of writing still available in Google’s cache) TibitXimer said “here is a database with a few hundred thousand customer records from Verizon Wireless! It includes serial numbers, names, addresses, date they became a customer, password to their account, phone numbers, etc…” There was also a link to a text file with the alleged stolen data.
When Verizon debunked the claims the hacker tweeted that the data probably belongs to Verizon FiOS fiber customer and not Verizon Wireless cellular customers. However that tweet along with his entire Twitter account has now gone.
It is thought that TibitXimer downloaded more than 3 million customer entries from Verizon’s database however the exact number of records is unknown as the 3 million figure is just an estimate based on the size of one record and the size of all the files. The hack is alleged to have occurred on July 12 and the hacker is said to have gained root access to a server holding the customer data. However Verizon have said that “Many of the details surrounding this incident are incorrect and exaggerated. No Verizon systems were breached, no root access was gained, and this incident impacted a fraction of the number of individuals being reported.”
So with deleted Twitter accounts, missing data and denials from Verizon it is hard to be sure what has actually happened. If it is true then this is a massive security breach for one of the USA’s largest carriers.