Verizon Security Flaw Left Millions Of Home Internet Users Vulnerable To Attack
15 May 2015 • buzzfeed.comIn order to get a reset when someone has set a PIN, Verizon customer support requires either that number, the amount of the most recent payment, or access to the phone listed on the account; Verizon will call customers at that number with their PIN. None of these were listed in the source code, and I obviously didn’t have access to the account phone.
So I called back, and asked for the amount of my last payment, claiming to be balancing my checkbook. Verizon happily gave it to me. Now armed with one of the requisite pieces of verification information, I called back a third time and got a friendly rep to reset the password. We were able to successfully repeat this procedure on demand.
Stupid stupid stupid. Just sad.