The bad guys are starting off the new year with ambitious schemes – they’re trading millions of records stolen in three attacks, one of which is the FlexBooker data breach.
Uawrongteam Behind The FlexBooker Data Breach
A cybercriminal group called Uawrongteam is publishing records stolen from FlexBooker on an underground forum. FlexBooker is a U.S.-based online booking tool for all kinds of services.
Bleeping Computer reported that the FlexBooker data is up for sale along with other databases stolen on the same day – December 23, belonging to Racing.com and Redbourne Group’s rediCASE case management software.
According to the perpetrators, the database contains a massive table with 10 million lines of customer details, including, names, email addresses, phone numbers, passwords, payment forms, and driver’s license photos.
Soon after the attack, the company notified its users, explaining that its Amazon AWS servers had been compromised by a DDoS (distributed-denial-of-service) attack. FlexBooker works with customers such as the brands GoDaddy, Chipotle, Bausch + Lomb, and Krewe.
“After working further with Amazon to understand what happened, we learned a certain set of data, including personal information of some customers, was accessed and downloaded,” the company wrote.
“On December 23, 2021, starting at 4:05 PM EST our account on Amazon’s AWS servers was compromised,” reads the notification, adding that the intruders did not access “any credit card or other payment card information.”
Over 3.7 Million Records Up For Sale
According to Have I Been Pwned, the FlexBooker breach compromised 3.7 million accounts with sensitive data including email addresses, names, phone numbers, and, for some, partial credit card data.
FlexBooker said in its disclosure notice that it considers the matter resolved and is “… still monitoring for any lingering issues.”
But Nasser Fattah with Shared Assessments warned that the attack might not even end here.
“We know that there are financial losses associated with system outages, hence, why security teams have all eyes on glass, so to speak, when there is a DDoS attack,” Fattah explained to Threatpost on Friday. “And when this happens, it is important to be prepared for the possibility of a multifaceted attack and be very diligent with monitoring other anomalies happening on the network.”
No Business Is Safe From Data Breaches
A data breach is more than that moment in time that compromised your network. Its consequences extend over very long periods of time.
Every company faces countless attacks daily. Increase your business’s value by implementing a robust cybersecurity system, establishing a data breach response plan, and preparing your employees with a strong security awareness training program.
Most data breaches start with phishing emails.
Over one billion phishing emails are sent out each day, and many of them bypass security filters. Thus, you need to be able to rely on your employees to stay vigilant and spot phishing scams.
You can successfully defend your business partly by training your employees on cybersecurity matters and especially phishing attacks, and partly by adopting more rigorous security measures, such as implementing multi-factor authentication and user behavior analytics.
Researching the latest phishing trends and strategies and adequately training your employees can be a hassle, so leave it to professionals.
ATTACK Simulator’s Security Awareness Training program will help you equip your employees with the necessary security knowledge and up-to-date security practices to keep your company safe from scammers and avoid potentially irreparable damage.
Bleeping Computer FlexBooker discloses data breach, over 3.7 million accounts impacted
Feature Image: Technology photo created by rawpixel.com – www.freepik.com