How to protect yourself from the Verizon data breach

To be safe, you must change your Verizon PIN.
Written by Steven Vaughan-Nichols, Senior Contributing Editor

Another day, another major data breach. This time around it's personal. When Verizon was shown to have as many as 14 million subscriber records revealed, I was one of them. Lucky me. Lucky you.

These customer records were contained in log files from Verizon customers service calls during the last six months. Each record included the customer's name, their cell phone number, and account PIN.

Armed with this information, hackers could access your account. Once that's done, they can hijack your phone number and take over your account. That's bad enough, but wait, there's more.

What's worst is once this is done, a hacker could break into your email or any other accounts protected by two-factor authentication (2FA). That's because most 2FA systems use your phone number as its second level of authentication.

Verizon claims "no other external party accessed the data." Of course, if you'd asked the company earlier if someone could find six months of customer records on an exposed and unprotected Amazon S3 cloud server, it would have said that was impossible.

I think I'll take my own steps to protect my account.

To do this, you need to login into your Verizon Wireless account. Along the way, you must enter your password and make sure your security image is correct. If it's not, or your password --after double-checking -- doesn't work, you have bigger problems. Someone may have cracked your account. In this case, call (800) 922-0204 or dial *611 from your mobile phone.

Once in, hover over "My Profile" near the top right side, and then click on My Profile & Settings on the top right of the drop-down window. This will bring up another page. On top of this page is the Personal & Security Information section.

The Account PIN listing is toward the bottom of this section. On the right side of this listing is the Change Account PIN link. Click on that. It will ask you to enter a new PIN. Note: It doesn't ask you to enter your old PIN.

Your new PIN can be any four numbers in any combination -- with a few exceptions. You can't use a sequential (1234) number, a repetitive (1111) number, or match the last four digits of your social security number (SSN).

At one time, Verizon defaulted to using the last four numbers of your SSN as your PIN. If your PIN is still this, change it. Change it now. You don't need to give hackers any part of this key part of your identification.

While you're at it, you might as well change your password. Changing your password every so often is a smart move.

To do this, go back to the Personal & Security Information section. The password settings are the third one down from the top. Click on Change Password.

Here, you do need to know your old password to change it. Once you've done that, you can set a new password. It must be eight to 20 characters long and cannot match your user ID. And it needs at least one number and one letter. It can have special characters, such as @#%$, but it can't include a space. It also can't be an easy-to-guess password, so forget about using password1 or 123password.

Instead, you should use a good password. It won't help if your passwords are stolen in a breach, but it will stop most password cracker programs in their tracks.

You're now ready to reset your PIN and password. Get on with it, just in case someone has a copy of your ID and PIN and is getting ready to take over your accounts. Good luck.

Related stories:

Editorial standards