SafetyDetectives’ Cybersecurity Team recently discovered a clear web forum post where a threat actor offered to sell a database, which purportedly holds the records of over 60 million Verizon customers.

What Is Verizon?

Verizon Communications Inc. is the world’s second-largest telecommunications company by revenue. Headquartered in New York City, Verizon is the largest wireless carrier in the United States, with 146 million subscribers as of March 31, 2025.

Where Was The Data Found?

The data was located in a post on a well-known forum on the clear surface web. This forum features message boards specifically for database downloads, leaks, cracks, and more.

What Was Leaked?

The post in question surfaced claiming to offer 61 million “Verizon USA” records, totaling 3.1 GB, in a CSV/JSON file. The author dated the data as “2025,” suggesting its recency.

A forum member asked for a link to download the dataset, to which the author of the post replied “For sale”.

The post included two screenshots as data samples, which our Cybersecurity Team reviewed to assess its authenticity. Although the data seemed legit, we could not confirm it actually belonged to Verizon customers.

The freely shared sample displayed 47 lines per image, totaling approximately 517 records. This sample exposed sensitive information of allegedly Verizon’s USA customers, including:

  • First Name
  • Last Name
  • Gender
  • DOB
  • Tax ID + 3 more ID numbers per customer
  • Full Address
  • 2 different phone numbers per customer.
  • Email
  • IP Address

This type of data is considered sensitive, as it could be used by malicious actors to plan and carry out various attacks against the affected clients.

This is a screenshot of the post.

This is a screenshot of the comment that a forum member makes about not having a download link and to which the author replies that the database is for sale.

What Risks Does This Data Exposure Pose?

Should the data actually belong to Verizon’s USA customers, it puts the safety and privacy of the users involved under threat. If you believe your data to have been compromised, you should be aware of the potential risks:

Identity Theft: With this type of data, attackers are more likely to successfully impersonate an individual to open bank accounts, apply for loans, or file fraudulent tax returns in their name.

Targeted Social Engineering or Phishing Attacks: Knowing detailed personal information allows attackers to craft highly convincing scams via email, phone, or text. These scams typically aim to trick individuals into revealing more sensitive data or making harmful decisions.

Financial Fraud: Tax ID and address data can be used to access or attempt to reset online banking or financial service accounts, potentially leading to unauthorized transactions.

Account Takeover or Credential Recovery Abuse: Many online services use phone numbers and personal details like DOB for identity verification. With this data, attackers may reset passwords and take over accounts such as email, social media, or e-commerce platforms.

What to Do If You Believe Your Data Was Exposed

Be Cautious of Unsolicited Communications: Beware of emails, calls, or texts requesting sensitive information or urgent action. Always verify the source before clicking links or sharing details — especially if the message uses personal data to appear trustworthy.

Review and Limit Personal Information Shared Online: Audit your social media and online profiles — remove or restrict access to personal details like your birthday, phone numbers, or address to reduce the risk of further exploitation.

Update All Privacy Settings: Adjust the privacy settings on your social media accounts and other online platforms. Keep an eye out for updates that can help enhance your online security.

Monitor Financial and Credit Activity: Regularly check your bank statements, credit card activity, and credit report for unauthorized transactions or new accounts.

What Are Clearweb Leaks and Why Should You Care?

Hackers utilize various parts of the internet to coordinate attacks, share information, and discuss data breaches. One of the most popular channels hackers use for these purposes are clearweb forums, which are online networks — available to anyone with an internet connection — that allow users to share information about breaches and leaks. These forums provide a sense of anonymity to their members as well as features like paywalling for those users who require compensation to access the information they are sharing.

By reporting on these incidents, we aim to proactively inform potentially affected parties earlier so that they can act quickly to protect their data. Our disclosures are rooted in meticulous research and are intended solely for informational and preventive purposes. In no way should these reports be construed as allegations, insinuations, or indicators of fault or negligence by any individual or organization.

Similar Cybersecurity Incidents

In another discovery, SafetyDetectives’ Cybersecurity Team stumbled upon a clear web forum post where a threat actor shared a database allegedly belonging to VirtualMacOSX, purportedly exposing 10,000 records.