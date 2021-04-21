The phone store Phone House has been the victim of a cyberattack. The Babuk cybercriminal group claims to have acquired an important database containing sensitive employee and customer information. Everything seems to indicate that they are full names, dates of birth, ID and bank account numbers, among other information, of 13 million people.

As reported by El Confidencial, this weekend, cyber criminals asked for a ransom so as not to publish the stolen information. However, after I have not received a payment from Phone House (the required amount has not been disclosed), Babuk published a part of the database on Wednesday.

The group threatens that, in the event that the ransom is not paid, the entire stolen material will be published. They ensure that the information will not only be published on their public blog and on the darknet, but will also be sent to partners and competitors of Phone House.

Babuk’s threat to Phone House

One of the messages posted by Babuk

Babuk would have used a ransomware of the same name to infect Phone House computers. It is a threat recently discovered by the cybersecurity firm McAfee. This, like other threats of this type, steals computer data and filters it. Since the beginning of the year, at least 5 companies have been affected with this type of attack.

According to a note published by the attackers themselves on the darknet, the stolen information contains the personal data of more than 13 million customers and employees. It is about 100 GB which include:

Full name DNI Bank account number Telephone Email Address Employment Date of birth

After not receiving the ransom payment, a part with information on 3 million people would have been published. El Confidencial, who has accessed the material, has confirmed that it is Phone House customer data. Likewise, cybercriminals have published images with part of the data to validate them.

The publication of some or all of Phone House’s customer and employee data on the web is only the beginning of the problem. These, as they contain personal and banking information, could be used by other cybercriminals to mount identity theft, scams and phishing campaigns.

