Hacker TibitXimer (whose Twitter account was suspended following his announcement) claims to have stolen data on more than 3 million Verizon FiOS customers -- though Verizon says its systems have not been hacked. The hacker, who says the breach took place on July 13, recently posted 300,000 records on Pastebin.
"A fraction of the downloaded data has been published to code-sharing site Pastebin after Verizon failed to fix the vulnerability in its network, Tibit said, noting that the data was stored in plain text and did not require decryption," write ZDNet's Charlie Osborne and Zack Whittaker. "The hacker said that after he informed Verizon of the exploit, the company 'ignored my report,' and did not comment. Tibit said he worked alone, and while he supports Anonymous, he is not directly associated with the hacking collective."
In response, Verizon spokesman Alberto Canal told ZDNet, "Our systems have not been hacked. ... We reported this incident to the authorities when we first learned of it months ago and an investigation was launched. Many of the details surrounding this incident are incorrect and exaggerated. No Verizon systems were breached, no root access was gained, and this incident impacted a fraction of the number of individuals being reported."
Verizon later told The Next Web's Emil Protalinski that a "third party marketing firm made a mistake and information was copied."
"Based on this information, it would appear that TibitXimer may have found the file online and decided to make a [big] story out of it," Protalinski writes. "Yet this new tidbit leads to even more questions, the biggest one being: Why did a 'third party marketing firm' have access to this data in the first place?"