Verizon PTT Service Breached: Hacker Sells 900GB of Data
Hackers have breached a service provider for Verizon and stolen data related to the Push-to-Talk (PTT) system that the company offers to government agencies and emergency services. The data is now being sold on a hacker forum, according to 404 Media.
Verizon’s main network, used by regular consumers, was not affected. The breach only compromised a third-party system used for internal communications in corporations and government entities. Although this leak is smaller in scale compared to recent incidents involving AT&T or T-Mobile, it raises significant concerns about data protection within telecommunications companies.
Verizon’s PTT system allows employees to communicate both individually and with groups of up to several thousand people. The service is utilized not only by businesses but also by governmental organizations such as NASA and the U.S. Army, although their contracts with Verizon were signed about a decade ago.
On the XSS forum, hackers claimed to have gained access to administrator accounts, several critical servers, and other infrastructure. The volume of stolen data exceeds 900 GB and includes call logs, emails, phone numbers, and addresses. The stolen information has been valued at $200,000.
The cybercriminals confirmed that the data indeed belongs to Verizon. While they showcased some samples, they refused to provide information containing names or addresses.
One of the participants in the breach, known by the alias Judische, has previously carried out attacks on critical infrastructure and telecommunications companies, such as AT&T and Ticketmaster. Judische is affiliated with the criminal group known as “Community” (Com), whose members engage in fraud and data theft through cryptocurrency schemes. Many of them begin their activities in online games like Minecraft and Roblox, eventually moving on to hacking large corporations. Com’s activities occasionally overlap with those of the group Scattered Spider, which has executed several high-profile attacks on American companies, including MGM Resorts in 2023.
Verizon representatives confirmed the breach of a third-party provider, but emphasized that the leak did not involve sensitive information such as Social Security numbers (SSN) or customers’ financial data. Verizon’s team has already strengthened security within the provider’s system.
Earlier, based on collected data, Mandiant was able to build a more complete profile of the hacker. Judische is believed to be a young man in his twenties, likely from Canada, with an interest in video games and “catgirls” (a popular anime archetype), and is known to go several days without sleep while conducting hacks through Telegram.
