The authors of the cyber attack have affected the phone shop chain of phone shops, and they published on Dark Web the data of approximately 13 million users allegedly obtained through a “ransomware” attack. Threatening the company to disclose to them if it does not pay the financial ransom.
In the data of 13 million customers and employees of the chain, there is personal information The content guaranteed by the author during the initial communication includes your full name, email, date of birth, phone number, address, nationality, and even the identification document and IMEI code of the device.
Phone Home admitted to the cyber attack in a statement, Happened on Sunday, April 11 And is investigating the incident with a cyber security company.
He admitted: “The downloading of such information will be partial and will not affect all the data processed by Phone House, but some of your data may be destroyed.”
The company has realized that among the data accessed, there are also contract services and Bank account number, not bank card, Because the company does not store this information, nor does it store passwords.
Phone Home said in the statement: “From the very beginning, our internal team, together with leading national companies and world benchmarks for cyber security services, formulated corresponding action plans and took the most powerful measures to limit cyber attacks. Scope.”.
despite this, Deny the existence of “definite information loss” And the attack has affected the services it provides. Its store network and website and support services are always running.
The well-known attack last Wednesday was caused by Cybercriminals are responsible for corporate Babuk ransomware, They have access to ten “full copies” of Oracle databases and have already released some of them.
Hackers threatened to do the same with other personal information If they did not receive the ransom, they have now leaked the 13 million phone home data reported by the network security company Hispasec on its blog via Dark Internet or Dark Web.
Phone House assured that the company did not pay the ransom demanded by cybercriminals. As suggested by experts Cyber security, succumbing to these ransomware does not guarantee that the data will not be made public, and can provide funding for other subsequent attacks.
Similarly, the company ensures that “The Spanish Data Protection Agency has been notified of the facts, Contacted the National Police Central Technical Investigation Bureau (BCIT) from the very beginning, and had filed a corresponding complaint before that. “
This information can be accessed through the private Tor network in the form of a file in the format of a “csv” data table, and can be found without any encryption. The author claims that this is more than 100GB of “sensitive data”.
Information about part of the leaked data has been included in the webpage Am I updated?, Users can enter emails to see if they are affected. The website currently collects 5.2 million email addresses from phone house accounts.