The phone retailer Phone House was targeted in a ransomware attack by the Babuk ransomware group.
The cybercriminals stole sensitive PII (Personally Identifiable Information) belonging to its customers and employees, potentially affecting around 3 million people.
However, when the company refused to pay the ransom, the data of 1,048,575 people, contained in a 5.77 GB .csv file, was published.
The operators of the Babuk ransomware also released the remaining files on the Dark Web including 113 GB of data corresponding to 13 million customers.
TPRM report: https://www.rankiteo.com/company/phone-house
"id": "pho2240181122",
"linkid": "phone-house",
"type": "Ransomware",
"date": "04/2022",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization's existence"{'affected_entities': [{'customers_affected': 13000000,
'industry': 'Telecommunications',
'name': 'Phone House',
'type': 'Retailer'}],
'data_breach': {'data_exfiltration': True,
'file_types_exposed': ['.csv'],
'number_of_records_exposed': 13000000,
'personally_identifiable_information': True,
'sensitivity_of_data': 'High',
'type_of_data_compromised': 'PII'},
'description': 'Phone House was targeted in a ransomware attack by the Babuk '
'ransomware group. The cybercriminals stole sensitive PII '
'belonging to its customers and employees, potentially '
'affecting around 3 million people. When the company refused '
'to pay the ransom, the data of 1,048,575 people, contained in '
'a 5.77 GB .csv file, was published. The operators of the '
'Babuk ransomware also released the remaining files on the '
'Dark Web including 113 GB of data corresponding to 13 million '
'customers.',
'impact': {'data_compromised': True},
'initial_access_broker': {'data_sold_on_dark_web': True},
'motivation': 'Financial gain',
'ransomware': {'data_exfiltration': True,
'ransom_demanded': True,
'ransomware_strain': 'Babuk'},
'threat_actor': 'Babuk ransomware group',
'title': 'Phone House Ransomware Attack by Babuk Group',
'type': 'Ransomware'}