Verizon website programmers have potentially put millions of customers personal data at risk.
The wireless company’s online billing system had been flawed for an unknown period of time but was corrected by Friday.
“This was a very easy hack to do,” said Jonathan Zdziarski, a software developer speaking to the Washington Post. “I’m sure if I’ve discovered it, then certainly your typical ‘script kiddie’ could figure it out.”
The flaw affected the “My Account” feature, part of Verizons online billing system. It allowed a hacker to view details of the customer’s address, the make and model of their phone and even how many remaining free wireless minutes they had to use.
The system had been in place for five years but Verizon has not yet indicated whether it was always flawed.
Verizon hit headlines in February this year when anti-spam lobbyists became concerned about its mooted purchase of MCI because they did not believe the company would be equipped to improve MCI’s poor spam record.
Of the latest breach Verizon said that no customer details were changed and that no financial information was disclosed.