A cybercriminal group that identifies itself as Uawrongteam has compromised accounts of more than three million users of the U.S.based FlexBooker – a popular online appointment scheduling platform that allows customers to schedule appointments ranging from counseling to haircuts.
The same intruders are offering data on hacker forums from FlexBooker along with other databases compromised on the same day, belonging to Racing.com and Redbourne Group’s rediCASE case management software, both from Australia.
According to the reports, the compromised data that has been published on malicious websites includes IDs, photos, driver’s licenses. The stolen database also contains customer information such as names, phone numbers, emails, hashed passwords, and password salt.
The organization has already alarmed local authorities and sent notifications to its customers, explaining that its Amazon AWS servers have been breached by distributed denial-of-service (DDoS) attack. FlexBooker customers include the brands Chipotle, GoDaddy, Bausch + Lomb, and Krewe.
“After working further with Amazon to understand what happened, we learned a certain set of data, including personal information of some customers, was accessed and downloaded,” the company said. Meanwhile, Nasser Fattah, a cyber security expert, warned that the attack might not be over.
“We know that there are financial losses associated with system outages, hence, why security teams have all eyes on glass, so to speak, when there is a DDoS attack…,” Fattah explained on Friday. “…And when this happens, it is important to be prepared for the possibility of a multifaceted attack and be very diligent with monitoring other anomalies happening on the network.”