Carphone breach, bad actors run DDoS to cover the attack

Pierluigi Paganini August 13, 2015

Carphone Warehouse disclosed a sophisticated attack that may have impacted more than 2.4 million customers. Attackers covered the breach with DDoS attacks.

On Saturday Carphone Warehouse (CW) was reportedly swamped by hackers than may have accessed personal and financial details of around 2.4 million customers according to the mobile retailer. The data breach affects customers who used OneStopPhoneShop.com, e2save.com and the Mobiles.co.uk websites. But it may not just stop there, apparently customers from iD Mobile, TalkTalk Mobile, Talk Mobile services may have been affected too.

The cybercriminals covered their attack with junk traffic as a smokescreen, while breaking into systems and stealing names, addresses, dates of birth, phone numbers and crucially bank details, sort codes and account numbers.  Up to 90,000 customers may also have had their encrypted credit card details accessed.

Carphone Warehouse hack

They used DDoS attacks while carrying out more significant data breaches, this type of pre-attack can have two main reasons, to keep security response staff too busy to follow up alerts that can provide an early warning sign of intrusion, and to trick them into relaxing security controls such as firewall rules.  While attacking with junk data the attackers left enough bandwidth available for a subsequent attack to infiltrate the network.

Smokescreen attacks as they are being referred is thought to have been used previously on Sony’s PlayStation Network 2011’s assaults and against US banks since at least 2012. The high values of the losses lead security companies and their clients to closure to public information on the security details in these cases until they are solved. As a result, these types of attacks appear to be effective and are becoming more common, especially Internet-connected businesses that house sensitive data.

Carphone Warehouse, is in the process of contacting customers affected by the breach and the end result might be millions in losses for the company.

About the Author Bruno Esteves Macedo

Bruno is a CIO, public speaker / technology evangelist and information systems security lecturer. With more than 16 years experience as CIO Internacionaly managing technology-enabled business transformations.  Areas of expertise: Cybersecurity, fraud management, aviation security, business intelligence, and banking finance.

Edited by Pierluigi Paganini

(Security Affairs – Carphone Warehouse, data breach)



you might also like

leave a comment