Visible confirms customer reports of hacking and fraud attempts

(Image credit: Visible)

After customers of the Verizon-owned budget mobile carrier Visible took to social media to complain about hacking and fraud attempts, the company has now confirmed that security breaches were carried out on its users by hackers who obtained their credentials from “outside sources”.

As reported by The Verge, the mobile carrier said that it is in the process of working to “mitigate the issue” though it did not provide any details on the steps it has employed to do so. Visible customers recently began reporting that unauthorized charges from the company had appeared on their PayPal and credit card statements while others received emails saying the password or address of their accounts had been changed.

Customers were also frustrated that the company hadn't sent out any emails or texts notifying them regarding the situation. Visible did eventually go on Twitter where it explained what had happened in a post, saying:

“Our investigation indicates that threat actors were able to access username/passwords from outside sources, and exploit that information to login to Visible accounts.”

Compromised accounts

After confirming that some of its customer accounts had been compromised, Visible recommended in a statement and on Twitter that its users should reset their passwords if they've reused them across multiple accounts.

While this advice is fairly standard after a security breach, the mobile carrier's password reset system has been unavailable and users that did try to reset their passwords received an error message.

Visible also recommended that users create unique passwords for each of their online accounts which can be done using a password generator though most password managers now offer this functionality as well. Although enabling two-factor authentication (2FA) is also recommended, Visible doesn't support 2FA for authentication which could leave its customers open to similar attacks in the future.

If you're a Visible customer that has reused passwords across multiple accounts, the only precaution you can take at the moment is to change these passwords to prevent having your other accounts hacked by the cybercriminals behind this breach.

Via The Verge

Anthony Spadafora

After working with the TechRadar Pro team for the last several years, Anthony is now the security and networking editor at Tom’s Guide where he covers everything from data breaches and ransomware gangs to the best way to cover your whole home or business with Wi-Fi. When not writing, you can find him tinkering with PCs and game consoles, managing cables and upgrading his smart home.