The authors of the cyberattack that has affected the Phone House chain of telephony stores have published on the Dark Web the data of supposedly 13 million of its users obtained through a ‘ransomware’ attack, after threatening the company with revealing them if it did not pay a financial ransom.
Among the data of the 13 million customers and employees of the chain is personal information with your full name, email, date of birth, telephone number, address, nationality and even identity documents and IMEI codes of the devices, as the authors have assured in their initial communication.
Phone House has acknowledged in a statement the cyber attack, which took place on Sunday April 11, and is investigating the events together with a cybersecurity company.
“Downloading such information would be partial and would not affect all the data processed by Phone House, but it is possible that some of your data has been compromised,” he admitted.
Among the data are bank account numbers
The company has recognized that among the accessed data there are also contracted services and bank account numbers, but not bank cards, since the company does not store this information, and neither do passwords.
“From the outset, our internal teams, together with the leading national company and world benchmark in cybersecurity services, activated the corresponding action plan and adopted the most forceful measures possible to limit the scope of said cyberattack,” Phone House reported. in the statement.
Nevertheless, has denied that there has been “definitive loss of information” and that the attack has affected the services it provides. Its network of stores has remained operational, as well as its website and its support service.
This attack, which became known last Wednesday, was carried out by the Cybercriminals Responsible for Corporate Babuk Ransomware, who were able to access a “complete copy” of ten Oracle databases and had already published a part of them.
Hackers threatened to do the same with other personal information if they did not receive a ransom payment and, now, they have leaked through the Dark Internet, or Dark Web, the data of supposedly 13 million Phone House customers, as reported by the cybersecurity company Hispasec on its blog.
The company has not paid the ransom
Phone House has assured that the company has not paid the ransom required by cybercriminals. As the experts recommend cybersecurity, giving in to these blackmails does not guarantee the non-publication of the data, and serves to finance other subsequent attacks.
Likewise, the company has ensured that “has notified the facts to the Spanish Agency for Data Protection, being in contact from the first moment, with the Central Brigade of Technological Investigation (BCIT) of the National Police, before which the corresponding complaint has been presented “.
The information is accessible through the private Tor network, in the form of a ‘csv’ data table format file, and is found without any encryption. The authors claimed that it was more than 100GB of “sensitive data.”
The information pertaining to a part of the data of the leak has been included in the web page Have I Been Pnewd?, in which users can enter their email to see if they have been affected. This website currently collects 5.2 million email addresses from Phone House accounts.