Verizon Support Wants You To Know That Twitter Is A Perfectly Secure Way To Send Them Your Social Security Number

from the you-need-better-support-reps dept

Hoping to have an errant charge resolved, O’Reilly Media author Jonathan Zdziarski recently reached out to Verizon Wireless on Twitter. While Twitter support can help put a friendly face to a massive, often-times unwieldy conglomerate, anyone that has actually interacted with one of these support agents has likely found the quality of these interactions to be decidedly hit or miss. In Zdziarski’s case, the Verizon Wireless support agent in question thought it would be perfectly acceptable for him to prove his identity over Twitter, since the platform is such a “secure means of communication”:

Except for the fact that’s not remotely true. Back in late 2013 in the wake of reports on the NSA’s ballooning skulduggery, Twitter claimed they’d start encrypting direct messages, though by 2014 that initiative appears to have been forgotten. As such, what Verizon’s calling a “secure means of communication” is about as secure as a safe made out of paper mache and tin foil. When pressed about this lack of secure transit for personal data, Zdziarski was apparently informed that everything was ok, because “most users are ok with it”:

Of course “most users” don’t know a gigabit from a garrote, so it’s not entirely clear that “most people aren’t bright enough to know this isn’t a good idea” should be used as a security standard moving forward.

Filed Under: , ,
Companies: verizon

Rate this comment as insightful
Rate this comment as funny
You have rated this comment as insightful
You have rated this comment as funny
Flag this comment as abusive/trolling/spam
You have flagged this comment
The first word has already been claimed
The last word has already been claimed
Insightful Lightbulb icon Funny Laughing icon Abusive/trolling/spam Flag icon Insightful badge Lightbulb icon Funny badge Laughing icon Comments icon

Comments on “Verizon Support Wants You To Know That Twitter Is A Perfectly Secure Way To Send Them Your Social Security Number”

Subscribe: RSS Leave a comment
jilocasin (profile) says:

Re: "because most customers are OK with it"

I used to be bothered by various retail clerks insisting that I provide some seemingly random bit of personal information at the conclusion of retail transactions.

I used to refuse to do so, wade through the gaped mouths, the anger and indignation, and the delay while a manager was called over to explain that providing such information isn’t strictly speaking required.

Often I too would hear the refrain;

“None of our other customers has a problem providing this information.”

With the implied, “So why am I being such a pain….”

Nowadays I avoid all of that drama by simply making stuff up.

Teller: "We need your Zip Code"
Me: "Um 23412".
Teller: "Thank you"

Teller: "We need your Phone number"
Me: "Ah 508 990 5678".
Teller: "Thank you"


Jason says:

Re: Re: "because most customers are OK with it"

When Best Buy started asking for your ZIP code (back when I still shopped at Best Buy occasionally) I would always politely decline, with a “no thanks,” or something like that. Most times the clerk didn’t care, just typed in something and continued. But every now and then there would be confusion, delays, and general annoyance as I waited to pay for my purchase. Even if I was paying with cash.

Then places graduated to asking for phone numbers. When our local Circuit City finally closed I happened to find something I wanted in the last of the clearance pile, a pair of noise cancelling headphones that were super cheap. I don’t know how long I stood there waiting for the guy to figure out how to let me pay without typing in my phone number. (I wanted to tell him to just use his.) I had finally had enough and opened my mouth to tell them to just keep it and walk out when the manager came over, typed the number 5 ten times, and got things rolling again.

To this day I don’t provide personal information to any store that they don’t need to actually process my payment. Sometimes it’s a bit of a pain, but so be it… if they can’t deal with that, then they really don’t need my money.

John Fenderson (profile) says:

Re: Re: Re: "because most customers are OK with it"

I do this too. Nobody gets personal info that isn’t actually needed.

But be aware: if you’re paying with a card, many processors randomly require the card holder’s zip code to be entered as a weak anti-fraud measure. If the clerk is asking for a zip code because of this and you refuse to provide it or provide an incorrect one, you won’t be able to pay with the card.

Jason says:

Re: Re: Re:2 "because most customers are OK with it"

True, but so far at least I’ve never had that problem. And if it’s verification (however weak) they ought to be able to explain that to me when I ask, too, and not give me the generic “we need that to add to our database” type of answer I usually get.

When the gas pumps started asking for ZIP codes I went home first and did some reading to find out why.

Anonymous Coward says:

Last night

I was twittering Verizon last night to ask when they would support Nomorobo. This is the winner of the FCC Robocall contest.

Well, I looked at some of the twitter responses, “Yes, let’s see what we can do to bring down your bill.”

“With our everything plan, unlimited minutes and texting is included in the plan.”

Dozens of replies like this. It appeared that only the Verizon representative replies were listed, and I don’t remember if the recipient was listed.

If you want to see how the Verizon Customer Service operates, just go to their twitter page for some good reading.


Anonymous Coward says:

Re: Re:

However…if the Twitter account can be linked to an actual person, you now know a specific user’s last 4 digits. It’s just a quick Google search to guess locale, what bank they may use, etc.

So while there may be 75,000+ social security number possibilities, using just those last 4 numbers, there’s statistically far less possibilities of a person named Jane Doe with the last 4 digits being 1234.

Anonymous Coward says:

Re: Re:

Sigh… The Verizon rep is asking for the last 4 of the customers SSN, not the entire thing. That still leaves about 77000 different possibilities for the actual number.

It is far less than you might think, at least until very recently the first 5 digits are not just random numbers. The first 3 identify the state of issue, and the next 2 are grouping codes that can be roughly corresponded to the year issued. Only the last 4 were an actual serial number. Once you give those last 4 up that makes for a lot less combinations especially with some basic knowledge of the customer.

Add Your Comment

Your email address will not be published. Required fields are marked *

Have a Techdirt Account? Sign in now. Want one? Register here

Comment Options:

Make this the or (get credits or sign in to see balance) what's this?

What's this?

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop »

Follow Techdirt

Techdirt Daily Newsletter

Techdirt Deals
Techdirt Insider Discord
The latest chatter on the Techdirt Insider Discord channel...