Quite a few Visible Wireless subscribers are reporting that their accounts have been “hacked” this week. Visible runs on Verizon’s 5G and 4G LTE networks and is owned by Verizon; it’s not a mobile virtual network operator (MVNO).
Suspicions of a data breach at Visible began Monday when some customers noticed random unauthorized purchases on their Visible accounts:
@Visible I was just hacked! They sent themselves a phone and changed my address! Urgent! How do I stop this!!!! HURRY!!
— Kelley (@ksmrz77) October 12, 2021
On the Visible subreddit, customers have reported seeing unauthorized orders placed from their accounts:
Nice, somebody hacked my @visible account, bought iPhone using my PayPal, and changed the password. @visiblecare is not responding. Scammer also tricked me with email spams in order to make me miss any email notifications from Visible.
— Kristian Kim (@kristiankim) October 13, 2021
Credential stuffing likely, company says
In an email sent to customers and posted publicly yesterday, Visible shared the likely reason for the hacks.
“We have learned of an incident wherein information on some member accounts was changed without their authorization. We are taking protective steps to secure all impacted accounts and prevent any further unauthorized access,” said Visible in a statement. “Our investigation indicates that threat actors were able to access username/passwords from outside sources and exploit that information to log in to Visible accounts. If you use your Visible username and password across multiple accounts, including your bank or other financial accounts, we recommend updating your username/password with those services.”
The company’s wording suggests customer credentials were obtained from a third-party leak or breached database and then used to access customer accounts, a practice known as credential stuffing. The company advises customers to reset passwords and security information and will prompt users to re-validate payment information before further purchases can be made.
But experts have cast doubts on theories that this incident stemmed from credential stuffing, considering Visible also admitted to “technical issues” on its chat platform, with the company briefly unable to make any changes to customer accounts just this week. Visible’s tweet mentioning this information was deleted by the company.
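A defender's view of the pattern described above, as an added example that is not part of the original article or any Visible system: it flags source IPs that try many usernames and mostly fail, then flags accounts where a successful login from such an IP is followed by the address change, password change and order that customers reported. The event format, thresholds and sample log lines are assumptions constructed for illustration.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample events (not real data): (timestamp, source IP, account, event)
EVENTS = [
    ("2021-10-11T09:00:01", "203.0.113.7", "alice", "login_fail"),
    ("2021-10-11T09:00:02", "203.0.113.7", "bob", "login_fail"),
    ("2021-10-11T09:00:03", "203.0.113.7", "carol", "login_ok"),
    ("2021-10-11T09:00:04", "203.0.113.7", "dave", "login_fail"),
    ("2021-10-11T09:00:05", "203.0.113.7", "erin", "login_fail"),
    ("2021-10-11T09:02:10", "203.0.113.7", "carol", "address_change"),
    ("2021-10-11T09:02:40", "203.0.113.7", "carol", "password_change"),
    ("2021-10-11T09:04:00", "203.0.113.7", "carol", "order_placed"),
    ("2021-10-11T10:15:00", "198.51.100.20", "frank", "login_fail"),
    ("2021-10-11T10:15:30", "198.51.100.20", "frank", "login_ok"),
    ("2021-10-11T10:20:00", "198.51.100.20", "frank", "order_placed"),
    ("2021-10-11T11:00:00", "198.51.100.44", "carol", "login_fail"),
]

MIN_ACCOUNTS = 4                      # distinct usernames tried from one IP
MAX_SUCCESS_RATE = 0.5                # stuffing runs mostly fail
WINDOW = timedelta(minutes=30)        # login-to-action window
SENSITIVE = {"address_change", "password_change", "order_placed"}

def stuffing_sources(events):
    """Return IPs that attempt many distinct accounts with a low success rate."""
    tried, ok, total = defaultdict(set), defaultdict(int), defaultdict(int)
    for _, ip, account, kind in events:
        if kind in ("login_ok", "login_fail"):
            tried[ip].add(account)
            total[ip] += 1
            ok[ip] += kind == "login_ok"
    return {ip for ip in tried
            if len(tried[ip]) >= MIN_ACCOUNTS
            and ok[ip] / total[ip] <= MAX_SUCCESS_RATE}

def likely_takeovers(events):
    """Map account -> sensitive actions made soon after a login from a stuffing IP."""
    bad = stuffing_sources(events)
    logins, hits = {}, defaultdict(set)
    for ts, ip, account, kind in sorted(events):
        when = datetime.fromisoformat(ts)
        if kind == "login_ok" and ip in bad:
            logins[(ip, account)] = when
        elif kind in SENSITIVE and (ip, account) in logins:
            if when - logins[(ip, account)] <= WINDOW:
                hits[account].add(kind)
    return {account: sorted(kinds) for account, kinds in hits.items()}
```

A single-IP threshold misses attempts spread across many addresses, so in practice the same grouping is usually repeated over other keys such as network range or device fingerprint.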
Did Visible know since last week?
Although Visible made a public statement yesterday, the company first acknowledged the issue on Twitter on October 8, if not earlier. At the time, Visible offered a vague reason: order confirmation emails erroneously sent out by the company. “We’re sorry for any confusion this may have caused! There was an error where this email was sent to members, please disregard it.”
One Visible customer reacted angrily to the delay, saying, “This response is totally irresponsible, given the fact that you’re currently under attack and are aware of MANY users that have had their accounts compromised.”
Visible says customers will not be held liable for any unauthorized charges. “If there is a mistaken charge on your account, you will not be held accountable, and the charges will be reversed,” the company said.
Visible customers impacted by the incident should monitor for suspicious transactions and change their credentials, both on their Visible account and any other websites where they have used the same credentials.