image
On Wednesday, Verizon’s Visible – an all-digital, uber-cheap wireless carrier – confirmed what customers have been complaining about on Reddit and Twitter all week: They lost control of their accounts; had their passwords and shipping addresses changed; and some got stuck with bills for pricey new iPhones. The carrier denied suffering a data breach. Rather, on Wednesday, it described what sounds like a credential-stuffing attack: Visible is aware of an issue in which some member accounts were accessed and/or charged without their authorization. As soon as we were made aware of the issue, we immediately initiated a review and started deploying tools to mitigate the issue and enable additional controls to further protect our customers. Our investigation indicates that threat actors were able to access username/passwords from outside sources, and exploit that information to login to Visible accounts. If you use your Visible username and password across multiple accounts, including your bank or other financial accounts, we recommend updating your username/password with those services. Protecting customer information — including securing customer accounts — is critically important to our company and our customers. As a reminder, our company will never call and ask for your password, secret questions or account PINs. If you feel your account has been compromised, please reach out to us via chat at visible.com. —Visible’s Wednesday statement, posted to Reddit Reach out via chat?…

Source