Phone House suffers a cyber attack: data from 3 million Spanish customers at stake
The Spanish division of Phone House has suffered a cyberattack in which the data of more than 3 million customers and employees of the company have been stolen.
The chain of stores selling mobile phones Phone House in Spain has suffered a cyberattack by ransomware that has resulted in the theft of data from 3 million clients in our country, highly sensitive information that attackers could use in the future for social engineering.
As reported The confidential, the Spanish division of Phone House has suffered a cyberattack this weekend in which cybercriminals have taken millions of data not only from customers, but also from their employees in Spanish territory. Apparently those responsible for the cyber attack are Babuk, and according to what elconfidencial has learned, the attackers have a large amount of data from the Spanish company, employees and customers.
Among the data currently in the possession of cybercriminals would include the full name of the clients, date of birth, ID, bank account, mobile phone, email, home address and company where they work. This is more than enough data to carry out social engineering in the future and access much more sensitive data.
Cybercriminals claim they have 10 databases containing private information of more than 3 million customers and employees of the Spanish division of Phone House. They threaten that, if the company does not pay, all this information will be published in a public blog and darkweb forums, and on top of that the data will be sent to competitors.
The amount requested by this group of cybercriminals from Phone House in order not to disseminate the data has not transpired, and it is unknown whether the company will finally pay the ransom or opt for other types of channels.
The data seems real, since the attacking group has spread different images that seem to prove that they really have this data from more than 3 million Spanish clients. However, elconfidencial has contacted two people who appear in these databases and have confirmed that they have been Phone House customers.
The aforementioned databases would have been stolen through a ransomware attack, which initially infected a single company computer, and later blocked all accesses while stealing and encrypting the rest of the system files.
The security firm McAfee has already warned that the Babuk ransomware it was one of the new threats that had emerged with the advent of 2021, and Spain was one of the most affected countries.