Risk
11/24/2008
03:54 PM
50%
50%

Verizon Workers Fired In Obama Phone Account Breach

Verizon is neither confirming nor denying the firings, first reported by CNN over the weekend.

Verizon Wireless has fired an undisclosed number of employees connected with the unauthorized access of records linked to a mobile phone used by President-elect Barack Obama, CNN reported.

Quoting a source within Verizon, the cable news network said the fired workers were hired to help customers and weren't authorized to access records, unless asked by customers. The Verizon source did not say how many employees were fired.

"We now consider this matter closed," the source told CNN.

A Verizon spokesman on Monday said the company was aware of the report and "wouldn't disagree with it, but we're not confirming nor denying."

The fired employees had only limited access to customers' records, and would not have been able to read text messages or listen to voice mail, CNN reported over the weekend. An Obama spokesman had said that the president-elect no longer used the mobile phone and it had been inactive for months.

Verizon reported the breach last week. Chief executive Lowell McAdam apologized for the incident and said all employees who accessed the account had been suspended with pay.

CNN also reported that Verizon Wireless had launched a separate internal investigation to determine whether customer information "had in any way been compromised outside our company," McAdam said in an internal e-mail obtained by CNN.

The Verizon breach wasn't the first time records related to Obama had been accessed without authorization. In March, State Department officials issued an apology after three employees of a department contractor had accessed the passport files of then presidential candidates Hillary Clinton, John McCain, and Obama.

Employees breaking workplace rules and even federal law to access celebrity records isn't new. UCLA Medical Center employees, for example, snooped on the medical records of actress Farah Fawcett and singer Britney Spears.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2015-1009
Published: 2015-07-31
Schneider Electric InduSoft Web Studio before 7.1.3.5 Patch 5 and Wonderware InTouch Machine Edition through 7.1 SP3 Patch 4 use cleartext for project-window password storage, which allows local users to obtain sensitive information by reading a file.

CVE-2015-1486
Published: 2015-07-31
The management console in Symantec Endpoint Protection Manager (SEPM) 12.1 before 12.1-RU6-MP1 allows remote attackers to bypass authentication via a crafted password-reset action that triggers a new administrative session.

CVE-2015-1487
Published: 2015-07-31
The management console in Symantec Endpoint Protection Manager (SEPM) 12.1 before 12.1-RU6-MP1 allows remote authenticated users to write to arbitrary files, and consequently obtain administrator privileges, via a crafted filename.

CVE-2015-1488
Published: 2015-07-31
An unspecified action handler in the management console in Symantec Endpoint Protection Manager (SEPM) 12.1 before 12.1-RU6-MP1 allows remote authenticated users to read arbitrary files via unknown vectors.

CVE-2015-1489
Published: 2015-07-31
The management console in Symantec Endpoint Protection Manager (SEPM) 12.1 before 12.1-RU6-MP1 allows remote authenticated users to gain privileges via unspecified vectors.

Dark Reading Radio
Archived Dark Reading Radio
What’s the future of the venerable firewall? We’ve invited two security industry leaders to make their case: Join us and bring your questions and opinions!