Attackers are trading millions of records from 3 pre-holiday breaches on an online forum.
A threat group that calls itself Uawrongteam is putting data stolen from Flex Booker – a popular online appointment scheduling tool for booking services ranging from counselling to haircuts, on a cyber-criminal forum.
The data from Flex Booker is being offered by Uawrongteam, along with other databases stolen the same day, Dec. 23, from Racing.com & Redbourne Group’s rediCASE case management software, Bleeping Computer reported.
Notification to Users
Flex Booker sent a notification to users, explaining that its Amazon AWS servers were compromised by what the company was able to identify as a distributed denial-of-service (DDoS) attack. Flex Booker include the brands GoDaddy, Chipotle, Bausch + Lomb & Krewe.
“After working further with Amazon to understand what happened, we learned a certain set of data, including personal information of some customers, was accessed & downloaded,” the company stated.
Over 3.7m Flex Booker Records Available
According to Have I Been Pwned, the Flex Booker breach compromised 3.7m accounts with information including email addresses, names, phone numbers &, for some, partial credit card data.
Uawrongteam claimed that its stolen database contains 10m lines, including payment details.
Flex Booker commented in its disclosure that it considers the matter resolved & is “… still monitoring for any lingering issues.”
May Not be Over
The attack may not be over, warned Nasser Fattah with Shared Assessments.
“We know that there are financial losses associated with system outages, hence, why security teams have all eyes on glass, so to speak, when there is a DDoS attack,” Fattah explained on Fri.
“When this happens, it is important to be prepared for the possibility of a multifaceted attack & be very diligent with monitoring other anomalies happening on the network.”