It’s not just you: Some current and former customers of Verizon’s Visible network have been receiving an influx of password reset request emails, but you may not have much to worry about.
Keeping your phone number secure is absolutely critical these days, especially if any of your online accounts use SMS as a second factor for authentication. In the event that someone takes over your phone number, any one-time codes – including ones for password resets – would go to the attacker instead of you.
As such, the recent spate of password reset emails being sent to Visible customers can seem particularly worrying. The issue, which started over the weekend and is still ongoing, sees both current and former Visible subscribers receive multiple password reset request emails per day. If you didn’t know that these same emails were also being sent to others, you could easily assume your account was being targeted.
Instead, this is more likely to be bots submitting reset requests for email addresses that are potentially vulnerable or compromised. A Visible spokesperson tells 9to5Google that the carrier is actively investigating to find the source of the emails.
Update 4/19: According to a Visible spokesperson, the company has put new measures in place to cease these fraudulent password reset emails. Additionally, an investigation found no evidence of any customers having their account security compromised.
We’ve become aware that some emails were unintentionally sent to several Visible members requesting a password reset. We immediately launched an investigation into the incident and have put in place measures to halt this activity. At this time there’s no evidence that any customer accounts or customer data has been exposed, or that any Visible systems have been breached. Visible members who’ve received these emails can ignore them, or can change their passwords in the app or on our website as a precaution. We encourage all members to use unique, strong passwords and update them regularly.
– Visible Spokesperson
If you receive an unsolicited password reset email from Visible, you can simply ignore it. The company also specifically advised that subscribers should not click any included links.
Additionally, it’s always a good idea to ensure that your email account is properly secured. If you haven’t updated your password for Gmail, Outlook, or your preferred email provider in a while, this may be a good reminder to do so, and you should enable two-factor authentication (2FA) or Google’s 2-Step Verification if you haven’t already.
FTC: We use income earning auto affiliate links. More.
Comments