In the latest high-profile security breach, PINs associated with 6 million Verizon accounts were exposed on an unsecured server, along with subscriber names and cellphone numbers. The information came from call logs from people who had contacted Verizon customer service in the last 6 months. Verizon asks for a PIN when you call in to make account changes, so an attacker with that information could not only make unwanted changes to your account, but also hijack your account in such a way as to intercept text messages used for two-factor authentication. (Better 2FA options include a system like Apple’s, which relies on an Apple-managed communications channel to devices you own, or an authenticator app like Google Authenticator, Authy, or 1Password.) If you use Verizon and particularly if you know you have contacted the company recently, log in to your Verizon account or call Verizon (yeah, we get the irony) to change your PIN as soon as possible.