They ask for a ransom for not disclosing the personal data of more than 3 million customers and employees

Phone House has been threatened by cyber attackers. Through their page on the Dark Web, those responsible for the Babuk ransomware have published a message with several captures showing them personal data such as ID, IMEI number, email and address.

The cyber attackers explain that they have “databases containing private information (full name, date of birth, email, telephone, address, nationality …) of more than 3 million customers and employees of The Phone House”, threatening to that “if you do not pay, all this information will be published in our public blog and darknet forums and will be sent to all your partners and competitors”.

The alleged cyber attack has not yet been confirmed by Phone House, but cybersecurity companies such as McAfee have warned of this new Babuk ransomware that has started to act in 2021 and it has already affected several large companies.


More than 100 GB of personal data

Th Phone House Babuk’s message, accessible via the Tor network.

In total, according to the cyber attackers, more than 100 GB of data, distributed in 10 Oracle databases. User biba99 has posted a message on Raidforums where he links to his Dark Web blog where the captures can be seen.

Among the personal data that they would have obtained are the following:

  • Name and surname
  • Date of birth
  • DAYS
  • Bank account
  • Mobile phone
  • Email address
  • Address
  • Company they work for

The cyberattack has been advanced by El Confidencial, who has also contacted some of those present in the information and has verified that yes they have been clients of Phone House.

Names Phone Hous

The 10 .dmp files have the names info sales, Phone, insurance, ventasonline or smarthouse, anticipating that they could be related to different databases of the company’s sectors.

Babuk Locker is a new ransomware of this 2021, but it has already been analyzed in detail. As McAfee explains, at least one of the affected companies paid the cybercriminals about $ 85,000 after negotiations to rescue the information. An action that cybersecurity organizations do not recommend doing.

Researchers describe ransomware as “unsophisticated” but very dangerous, operating like others already known.

From Xataka we have answered with Phone House to learn more details about the scope of this cyber attack. We will update as soon as we get a response.

Leave a Comment