FlexBooker Breached, Over 3.7 Million Impacted

This article has been indexed from

CySecurity News – Latest Information Security and Hacking Incidents

 

A cybercriminal group that identifies itself as Uawrongteam has compromised accounts of more than three million users of the U.S.based FlexBooker – a popular online appointment scheduling platform that allows customers to schedule appointments ranging from counseling to haircuts. 
The same intruders are offering data on hacker forums from FlexBooker along with other databases compromised on the same day, belonging to Racing.com and Redbourne Group’s rediCASE case management software, both from Australia. 
According to the reports, the compromised data that has been published on malicious websites includes IDs, photos, driver’s licenses. The stolen database also contains customer information such as names, phone numbers, emails, hashed passwords, and password salt. 
The organization has already alarmed local authorities and sent notifications to its customers, explaining that its Amazon AWS servers have been breached by distributed denial-of-service (DDoS) attack. FlexBooker customers include the brands Chipotle, GoDaddy, Bausch + Lomb, and Krewe. 
“After working further with Amazon to understand what happened, we learned a certain set of data, including personal information of some customers, was accessed and downloaded,” the company said. Meanwhile, Nasser Fattah, a cyber security expert, warned that the attack might not be over. 
FlexBooker Breached, Over 3.7 Million Impacted