Visible confirms account violations and accuses “outside sources”

Cellular service provider Visible has confirmed customer reports of attackers accessing and modifying user accounts, and said breaches were committed using usernames and passwords from “external sources”. In a statement to The edge (which you can read in full below), the Verizon-owned carrier said it has been working to “alleviate the problem” since learning about it, though it didn’t exactly mention the measures it has in place to protect customers.

As of the start of the week, customers of Verizon’s lower-cost service were reporting unauthorized Visible charges on their PayPal or credit card statements, along with emails telling them that passwords or addresses of their accounts had been changed. Some customers were frustrated with the company’s lack of response, as it did not send emails or texts about the situation and remained largely silent on social media until Wednesday, when she posted a Twitter thread.

In its statement and on Twitter, the company recommends resetting your password if it’s the one you’ve used for other services. That’s good advice, but the company has disabled its password reset system – it wasn’t available yesterday, and Wednesday morning you’ll still get an error if you try to change your password.

Hackers accessing accounts using passwords found elsewhere are very common, which is why everyone (including Visible) says to use unique passwords for each service and to change your passwords. in case of violation. Security experts also recommend using two-factor authentication, which can help protect yourself even if your password fails (such as in a situation where you cannot change it). Visible, however, does not support two-factor authentication, which means its customers are still potentially open to these types of attacks.

Here is the full statement from Visible.

Visible is aware of an issue where some member accounts were viewed and / or billed without their permission. As soon as we were made aware of the issue, we immediately initiated a review and began deploying tools to mitigate the issue and allow additional controls to better protect our customers.

Our investigation indicates that the malicious actors were able to access the username / passwords from external sources and exploit this information to log into Visible accounts. If you use your Visible username and password on multiple accounts, including your bank or other financial accounts, we recommend that you update your username / password with these services.

Protecting customer information, including securing customer accounts, is of critical importance to our business and our customers. As a reminder, our company will never call to ask for your password, your secret questions or the PIN codes of your account. If you believe your account has been compromised, please contact us via the chat on visible.com.

Leave a Comment

Trending this Week