Cyber attackers group Babuk has finally released all of Phone House’s customer and employee data. After a first file with the personal data of more than a million customers, all the data that they would have obtained from Phone House has now been published. Total, 113 GB of files and databases corresponding to more than 13 million Phone House customers, according to cyber attackers.
In the filtration it is possible to navigate between thousands of data. Columns with names, surnames, IDs, bank accounts, addresses, telephone numbers, emails, dates of birth and even the place of work or the store where the user became a customer.
One of the biggest data leaks of a Spanish company
Babuk is a new ransomware that began to act in 2021 and usually targets large companies, as described by cybersecurity company such as McAfee. Cyber attackers have posted a message on the Dark Web (.onion), where you can read your message and directly access the files with all the data.
During the previous days, Babuk explained that had requested a ransom from Phone House for not publishing the information. Predictably, based on the results, the company will not have collaborated with the attackers as cybersecurity agencies recommend.
From Xataka we have repeatedly consulted Phone House, for the moment without an answer. The company has not officially commented despite having spent several days. As established by law, Phone House must contact the Spanish Data Protection Agency within 72 hours and subsequently inform all affected customers that their data has been compromised.
During yesterday, the web ‘Have i been pwned?’ added a total of 5,223,350 Phone House accounts to its database. It is a recognized page from we can check if our data is among the filtered. According to the cyber attackers, they have obtained data from a total of 13 million customers. The figures Babuk explains in the message, the number of rows in the files and the number of Have I been Pwned vary, although in all cases there are more than a million affected.