Data breach that would affect 3 million people

Posted date 22/04/2021

On 11 April, the phone retailer Phone House was allegedly the victim of a Babuk ransomware-type cyberattack. The cybercriminals stole sensitive PII (Personally Identifiable Information) belonging to its customers and employees, potentially affecting around 3 million people.

In the face of the company's refusal to pay the ransom, the data of 1,048,575 people, contained in a 5.77 GB .csv file, has already been published.

[Update 26/04/2021] Finally, the operators of the Babuk ransomware have released the remaining files on the Dark Web, as the company has not paid the ransom. According to the authors of the cyber-attack, this new release includes 113 GB of data corresponding to 13 million customers. For its part, Phone House has published an official statement containing a series of questions and answers (FAQ) to clarify, among other questions, the doubts that may have arisen about the cyberattack, explaining what happened, the actions the company is taking to solve it and the recommendations to follow.