Data breach that would affect 3 million people
On 11 April, the phone retailer Phone House was allegedly the victim of a Babuk ransomware-type cyberattack. The cybercriminals stole sensitive PII (Personally Identifiable Information) belonging to its customers and employees, potentially affecting around 3 million people.
In the face of the company's refusal to pay the ransom, the data of 1,048,575 people, contained in a 5.77 GB .csv file, has already been published.
[Update 26/04/2021] Finally, the operators of the Babuk ransomware have released the remaining files on the Dark Web, as the company has not paid the ransom. According to the authors of the cyber-attack, this new release includes 113 GB of data corresponding to 13 million customers. For its part, Phone House has published an official statement containing a series of questions and answers (FAQ) to clarify, among other questions, the doubts that may have arisen about the cyberattack, explaining what happened, the actions the company is taking to solve it and the recommendations to follow.
References:
- 21/04/2021 abc.es Qué debes hacer si han filtrado tus datos en el ciberataque a The Phone House
- 21/04/2021 genbeta.com Difundidos los datos personales de más de un millón de clientes de Phone House tras no pagar el rescate del ciberataque sufrido
- 22/04/2021 xataka.com Filtran los datos de más de un millón de clientes de Phone House: qué se puede hacer si estamos en la lista y hasta qué punto se puede reclamar
- 23/04/2021 phonehouse.es [Update 26/04/2021] Preguntas frecuentes
- 23/04/2021 genbeta.com [Update 26/04/2021] Difundidos todos los datos personales obtenidos del ciberataque a Phone House: 113 GB con teléfonos, direcciones, DNI y más