Millions of new home Internet connections for the telecom giant Verizon, after they purchased AOL for $4.4 billion. But vulnerability in its service may have put millions of their Internet customers at risk.
According to the BuzzFeed News, vulnerability in Verizon’s service allows anyone to view any of its 9 million home internet customers simply by visiting its website with a spoofed IP address, through which anyone can obtain password resets and gain full control over accounts.
To exploit the vulnerability, all you need is Firefox plug-in, which uses IP address in the header of emails, and can be easily sussed out by savvy hackers.
The Verizon’s customer support website uses Computer’s IP address to identify the users, it recognizes the IP address that it is looking for, and automatically display things like your location, your name, your phone number, and your email address. And that’s enough to take control of a Verizon account.
Joseph Bernstein, BuzzFeed News Reporter wrote on his blog post that “It took me only two downloads, copy and pasting some information from an email, and a few interactions with Verizon customer support. It was just a matter of following step-by-step instructions. In other words, if you can follow a recipe, you could have probably gotten a Verizon password reset.”
The security loophole were fixed after being notified by BuzzFeed News.