Verizon’s Data Breach Fighter Gets Hit With, Well, a Data Breach

Verizon signage and logo on its building at 375 pearl street
NEW YORK CITY, NEW YORK, UNITED STATES - 2015/10/17: Verizon signage and logo on its building at 375 pearl street, New York city. The building is windowless and has a simple architecture. Verizon is a large American broadband and telecommunications company based in New York City but incorporated in Delaware. (Photo by Roberto Machado Noa/LightRocket via Getty Images)
Roberto Machado Noa—LightRocket via Getty Images

Verizon’s division that helps Fortune 500 companies respond to data breaches, has suffered a data breach of its own.

Customer contact information supposedly stolen from Verizon’s enterprise unit appeared online earlier this week, reports Brian Krebs, an independent cybersecurity journalist. He happened upon the cache while trawling the web.

During his search, Krebs noticed that “a prominent member of a closely guarded underground cybercrime forum posted a new thread advertising the sale of a database containing the contact information on some 1.5 million customers of Verizon Enterprise,” as he writes on his site, KrebsOnSecurity.

Get Data Sheet, Fortune’s technology newsletter.

Whoever posted the notice set the total price at $100,000—or alternatively at $10,000 per batch of 100,000 records, Krebs reports. The seller also offered up information about vulnerabilities affecting the company’s website for money.

Verizon (VZ) confirmed the incident to Fortune, but not say whether the numbers reported by Krebs are accurate.

Read more: “The hotly disputed black magic of data breach cost estimates”

Verizon Enterprise Solutions recently discovered and fixed a security vulnerability on our enterprise client portal,” a spokesperson told Fortune in an email. “Our investigation to date found an attacker obtained basic contact information on a number of our enterprise customers.”

For more on Verizon, watch:

The note from the carrier claimed that “no customer proprietary network information (CPNI) or other data was accessed or accessible,” and that consumer data was unaffected. The company said that it was currently in the process of notifying customers.

Verizon Enterprise Solutions is known for producing a widely read data breach investigations report based on information from the hundreds of digital clean ups it coordinates each year. The unit’s parent apparently explored selling off the business, worth as much as $10 billion, in the fall of last year.

Subscribe to the Eye on AI newsletter to stay abreast of how AI is shaping the future of business. Sign up for free.