The personal data of 6 million Verizon users has leaked online, the company said Wednesday.
“Human error” caused the leak, Verizon told CNN Tech.
The error, a misconfigured security setting on a cloud server, made customer phone numbers, names and some PIN codes publicly available online, CNN Tech reported. PIN codes are used to confirm the identity of people who call for customer service, the media outlet said.
No loss or theft of customer information occurred, Verizon told CNN Tech.
Cybersecurity firm UpGuard found the leak. UpGuard initially reported the error could impact up to 14 million accounts, multiple media outlets reported.
CNN Tech reported that an UpGuard researcher found the data was exposed by Israel-based NICE Systems. The data was collected over the last six months, CNN Tech reported. The researcher alerted Verizon to the leak on June 13, and the security hole was closed on June 22.
In a statement to CNBC, Verizon apologized to its customers but said the PINs that were available during the breach aren’t linked to customer accounts. The numbers were used to authenticate customers at call centers, the company said.