Threat actors compromised the FlexBooker accounts of more than 3.7 million users, the attack took place before the holidays. Stolen data are now available for sale on multiple cybercrime forums.
FlexBooker is an online appointment scheduling platform that allows users to schedule appointments and sync employee calendars.
The attack was carried out by a group calling themselves Uawrongteam, who published links to archives and files containing IDs, driver’s licenses, photos. The threat actors claim the stolen database contains customer information, including names, emails, phone numbers, hashed passwords, and password salt.
The company already notified local authorities and sent a data breach notification to the impacted customers. According to the notification, threat actors compromised the service’s Amazon cloud storage system.
FlexBooker recommends users stay vigilant and review account statements and credit reports for suspicious transactions
The data breach notification service Have I Been Pwned reports that 3,756,794 accounts were compromised in the attack.
“In December 2021, the online booking service FlexBooker suffered a data breach that exposed 3.7 million accounts. The data included email addresses, names, phone numbers and for a small number of accounts, password hashes and partial credit card data. The data was found being actively traded on a popular hacking forum. FlexBooker has identified the breach as originating from a compromised account within their AWS infrastructure.” states HIBP.
The Uawrongteam is also offering data allegedly stolen from the Racing.com digital television and the rediCASE Case Management Software developed by the Redbourne Group.
(SecurityAffairs – hacking, IKEA)