Risk
11/24/2008
03:54 PM
50%
50%

Verizon Workers Fired In Obama Phone Account Breach

Verizon is neither confirming nor denying the firings, first reported by CNN over the weekend.

Verizon Wireless has fired an undisclosed number of employees connected with the unauthorized access of records linked to a mobile phone used by President-elect Barack Obama, CNN reported.

Quoting a source within Verizon, the cable news network said the fired workers were hired to help customers and weren't authorized to access records, unless asked by customers. The Verizon source did not say how many employees were fired.

"We now consider this matter closed," the source told CNN.

A Verizon spokesman on Monday said the company was aware of the report and "wouldn't disagree with it, but we're not confirming nor denying."

The fired employees had only limited access to customers' records, and would not have been able to read text messages or listen to voice mail, CNN reported over the weekend. An Obama spokesman had said that the president-elect no longer used the mobile phone and it had been inactive for months.

Verizon reported the breach last week. Chief executive Lowell McAdam apologized for the incident and said all employees who accessed the account had been suspended with pay.

CNN also reported that Verizon Wireless had launched a separate internal investigation to determine whether customer information "had in any way been compromised outside our company," McAdam said in an internal e-mail obtained by CNN.

The Verizon breach wasn't the first time records related to Obama had been accessed without authorization. In March, State Department officials issued an apology after three employees of a department contractor had accessed the passport files of then presidential candidates Hillary Clinton, John McCain, and Obama.

Employees breaking workplace rules and even federal law to access celebrity records isn't new. UCLA Medical Center employees, for example, snooped on the medical records of actress Farah Fawcett and singer Britney Spears.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2015-4231
Published: 2015-07-03
The Python interpreter in Cisco NX-OS 6.2(8a) on Nexus 7000 devices allows local users to bypass intended access restrictions and delete an arbitrary VDC's files by leveraging administrative privileges in one VDC, aka Bug ID CSCur08416.

CVE-2015-4232
Published: 2015-07-03
Cisco NX-OS 6.2(10) on Nexus and MDS 9000 devices allows local users to execute arbitrary OS commands by entering crafted tar parameters in the CLI, aka Bug ID CSCus44856.

CVE-2015-4234
Published: 2015-07-03
Cisco NX-OS 6.0(2) and 6.2(2) on Nexus devices has an improper OS configuration, which allows local users to obtain root access via unspecified input to the Python interpreter, aka Bug IDs CSCun02887, CSCur00115, and CSCur00127.

CVE-2015-4237
Published: 2015-07-03
The CLI parser in Cisco NX-OS 4.1(2)E1(1), 6.2(11b), 6.2(12), 7.2(0)ZZ(99.1), 7.2(0)ZZ(99.3), and 9.1(1)SV1(3.1.8) on Nexus devices allows local users to execute arbitrary OS commands via crafted characters in a filename, aka Bug IDs CSCuv08491, CSCuv08443, CSCuv08480, CSCuv08448, CSCuu99291, CSCuv0...

CVE-2015-4239
Published: 2015-07-03
Cisco Adaptive Security Appliance (ASA) Software 9.3(2.243) and 100.13(0.21) allows remote attackers to cause a denial of service (device reload) by sending crafted OSPFv2 packets on the local network, aka Bug ID CSCus84220.

Dark Reading Radio
Archived Dark Reading Radio
Marc Spitler, co-author of the Verizon DBIR will share some of the lesser-known but most intriguing tidbits from the massive report