- Cybercriminals have disclosed stolen data in a telegram channel
- Nearly 3 million recordings of more than a million people have been disclosed
- There are ways to mitigate the risk
Experts have warned that the data stolen during the recent attack by Ransomware Allianz Life have been disclosed on the open Internet and urged users assigned to be on their care.
Sensitive information on the “majority” of the 1.4 million customers of the insurance company, including the names of people, addresses, telephone numbers, birth dates, tax identification numbers and even social security numbers, was published in a group of telegrams created by Shinyhunters, Spourgered Spider and Lapsu $ threats.
In total, 2.8 million data files for individual customers and business partners were seized as part of a broader attack on Salesforce bodies. In addition to Allianz Life, the group has also taken credit for a number of other high -level incidents, including the internet attack archive, Pearson and Coinbase.
Stay protected
Usually cybercriminals would require ransom payment in exchange for deleting stolen files and not to disclose it on the Internet.
Thus, if these files have been published, it is sure to assume that Allianz Life has decided not to pay (or the negotiations are broken for other reasons). There is always the possibility that the crooks have disclosed the files even after being paid because they are, after all, cybercriminals.
There are many ways in which hackers can abuse sensitive files. They can pretend to be their victims, potentially open bank accounts with their names, request loans and credit cards or accumulate debt. They can also commit false income statements, access medical treatment or prescription drugs, and even get a job illegally, which could cause victims during the history checks.
Criminals can also use social security numbers to request various social security benefits, unemployment compensation or well-being.
The attack is particularly worrying, as these recordings could contain more than enough sensitive information for hackers to launch highly personalized and successful phishing campaigns, leading to identity theft, wire fraud and even ransomware attacks.
How to stay safe
If you worry, you may have been taken in the incident, don’t worry – there are a number of methods to discover. Haribeenpwned? is probably the best resource only to verify whether your contact details have been assigned, offering a dilapidated each large cyber-incident of recent years.
And if you save passwords on a Google account, you can use the Google password checking tool to see if it has been compromised or register for one of the password management options that we have gathered to make sure that your connections are protected.
Via Bleeping Compompute
