The security issue was caused by an error involving an insecure setting on a cloud server. Cybersecurity firm UpGuard uncovered the issue that made customers' phone numbers and names publicly available online.
Also leaked were some customers' PIN codes that are used to confirm the identity of people who call for customer service.
UpGuard originally said the error could affect 14 million accounts.
- Go to vzw.com/PIN.
- Sign in to your My Verizon account.
- Enter the new account PIN, then re-type the new account PIN in the designated box.
- Click Submit to confirm.
- Verizon will send you a notification that a PIN has been changed.
The data was collected over the last six months and accidentally exposed by NICE Systems, a company Verizon worked with to facilitate customer service calls.
NICE had a security setting that was improperly set to "public" instead of "private" on an Amazon S3 storage server.
Dan O'Sullivan from UpGuard told CNN Money that exposed PIN codes could allow hackers to access a customer's phone service.
"A scammer could receive a two-factor authentication message and potentially change it or alter to his liking. They could cut off access to the real account holder," O'Sullivan said.
O'Sullivan said that Verizon customers should update their PIN codes to something different from their original to avoid this problem.