Phone House threatened with disseminating the personal data of more than 3 million customers and employees if they do not pay a ransom




Phone House, the telecommunications services sales chain, has been the victim of an alleged cyberattack, and those responsible demand a ransom in exchange for not spreading a huge database with private information of millions of customers and employees of the company.



According to the attackers, this data includes from full names and dates of birth, even emails, phone numbers, address, nationality, IMEI, DNI and more. Behind this seem to be those responsible for Babuk, a new ransomware that McAfee already warned about in February.



Threats on the Dark Web



The group has left a message to the company on the Dark Web (URL .onion accessible through the Tor network), threatening to release all the information they obtained if the company does not pay a ransom:




Phone House Threat





We have downloaded a complete dump of your 10 Oracle databases that contain GDPR information (full name, date of birth, email, phone, address, nationality, imei, etc) of more than 3 million customers and employees. If they don't pay - all this information will be published on our public blog, darknet forums, and sent to all your partners and competitors.








Ransomware cyberattacks continue to increase and the most vulnerable computers are those using old versions of Windows






Along with the message they have included the names of the databases and several captures with dozens of records as an example of the stolen information. In El Confidencial they had advanced the news, and they contacted two people who appear in the database, and who have confirmed to have been customers of Phone House.



According to McAfee, During 2021, more than five large companies have been victims of Babuk, and one of these would have already paid $ 85,000 to cybercriminals after the negotiations. Apparently, the group behind this ransomware is attacking companies in the transportation, healthcare, plastics, electronics, and agricultural sectors in multiple regions of the world.



Phone House has not yet confirmed the attack or offered any comment. Our colleagues from Xataka have contacted the company to find out more details about the situation. We will update this note to get a response.



Cover image | Bvdhengel