Last night, Phone House communicated to its customers by email, after many days without making an official statement, that on April 11 it suffered a cyberattack. According to the company, its security measures have not been strong enough to prevent the attack (which has had dire consequences for its customers' data)
They also mention another point that we wondered if they had complied with, the obligation to report these attacks and breaches to the Spanish Data Protection Agency (AEPD). They claim that they have., as well as having been "in contact from the first moment with the Central Brigade for Technological Research (BCIT) of the National Police." They also say that they have denounced the events before said body.
They confirm everything we have seen in the leaked documents
The company frames everything that happened in "cyber attacks" "that are increasingly common" and "that they are affecting every request of entities". They say that they are attacks planned by international networks in order to profit, consisting of "encrypting and making the systems of said entities inaccessible with the intention of completely preventing their activity."
With these words, they define what we know as Ransomware. In this case, they have always talked about the group Babuk, although Phone House does not mention it in the email that has reached us.
In this sense, confirm that they have not acceded to the blackmail for not helping to finance other cyberattacks against other companies. They also point out that the downloading of their information "would be partial and would not affect all of the data processed by Phone House".
Finally, they review the potentially affected data, which from Genbeta we have been able to see in the documents: name, surname, postal address, email, ID (or equivalent), date of birth, gender, contracted products, and if provided, bank account. However, they state that "at no time have your bank card details been compromised", nor "have any type of passwords been put at risk".
The company has not made reference to the number of customers whose data has been leaked, despite the fact that, as we have confirmed, they are more than a million. The attackers have always given figures like 3 or 13 million.