Cellular service provider Visible has confirmed customer reports of attackers accessing and modifying user accounts, and said breaches were committed using usernames and passwords from “external sources”. In a statement to The edge (which you can read in full below), the Verizon-owned carrier said it has been working to “alleviate the problem” since learning about it, though it didn’t exactly mention the measures it has in place to protect customers.
As of the start of the week, customers of Verizon’s lower-cost service were reporting unauthorized Visible charges on their PayPal or credit card statements, along with emails telling them that passwords or addresses of their accounts had been changed. Some customers were frustrated with the company’s lack of response, as it did not send emails or texts about the situation and remained largely silent on social media until Wednesday, when she posted a Twitter thread.
If you use your Visible username and password on multiple accounts, including your bank / financial accounts, we recommend that you update your username / password with these services. Reminder: Visible will never call or ask for your password, secret questions or PIN codes for your account.
– Visible (@Visible) October 13, 2021
In its statement and on Twitter, the company recommends resetting your password if it’s the one you’ve used for other services. That’s good advice, but the company has disabled its password reset system – it wasn’t available yesterday, and Wednesday morning you’ll still get an error if you try to change your password.
Hackers accessing accounts using passwords found elsewhere are very common, which is why everyone (including Visible) says to use unique passwords for each service and to change your passwords. in case of violation. Security experts also recommend using two-factor authentication, which can help protect yourself even if your password fails (such as in a situation where you cannot change it). Visible, however, does not support two-factor authentication, which means its customers are still potentially open to these types of attacks.
Here is the full statement from Visible.
Visible is aware of an issue where some member accounts were viewed and / or billed without their permission. As soon as we were made aware of the issue, we immediately initiated a review and began deploying tools to mitigate the issue and allow additional controls to better protect our customers.
Our investigation indicates that the malicious actors were able to access the username / passwords from external sources and exploit this information to log into Visible accounts. If you use your Visible username and password on multiple accounts, including your bank or other financial accounts, we recommend that you update your username / password with these services.
Protecting customer information, including securing customer accounts, is of critical importance to our business and our customers. As a reminder, our company will never call to ask for your password, your secret questions or the PIN codes of your account. If you believe your account has been compromised, please contact us via the chat on visible.com.
- Visible confirms customer reports of hacking and fraud attempts
- Some customers of Verizon’s Visible cellular network say they’ve been hacked
- Visible customer accounts of digital operator Verizon have been hacked
- Apple will require all account creation app submissions to allow in-app account deletion from January 31, 2022
- EU officially accuses Russia of “Ghostwriter” hacking activities