- Cybercriminals leaked stolen knowledge in a Telegram channel
- Virtually 3 million data from greater than one million individuals have been leaked
- There are methods to mitigate the chance
Consultants have warned the info stolen within the current Allianz Life ransomware attack has been leaked to the open web, and have urged affected customers to be on their guard.
Delicate info on the “majority” of the insurance coverage firm’s 1.4 million clients, together with individuals’s names, addresses, telephone numbers, dates of delivery, Tax Identification Numbers, and even social security numbers, was printed in a Telegram group created by ShinyHunters, Scattered Spider, and Lapsu$ menace actors.
In total, 2.8 million data records for both individual customers and business partners were grabbed as part of a wider attack on Salesforce situations. Apart from Allianz Life, the group additionally took credit score for quite a few different, high-profile incidents, together with the assault on Internet Archive, Pearson, and Coinbase.
Stay protected
Usually, cybercriminals would demand a ransom payment in exchange for deleting the stolen files and not leaking it on the internet.
So, if these files were published, it is safe to assume Allianz Life has decided not to pay (or the negotiations broke down for other reasons). There is always the possibility that the crooks leaked the files even after getting paid because these are, after all, cybercriminals.
There are numerous ways hackers can abuse sensitive files. They can impersonate their victims, potentially opening bank accounts in their name, apply for loans and credit cards, or rack up debt. They can also commit fake tax returns, gain access to medical treatment or prescription drugs, and even get a job illegally, which might cause problems for the victims during background checks.
Criminals might also use social security numbers to apply for various Social Security benefits, unemployment compensation, or welfare.
The attack is particularly concerning as such records could contain more than enough of sensitive information for hackers to launch highly personalized, successful phishing campaigns, leading to identity theft, wire fraud, and even ransomware assaults.
How to stay safe
If you’re concerned you may have been caught up in the incident, don’t worry – there are a number of methods to find out. HaveIBeenPwned? is probably the best resource only to check if your details have been affected, offering a run-down of every big cyber incident of the past few years.
And if you save passwords to a Google account, you can use Google’s Password Checkup tool to see if any have been compromised, or sign up for one of the password manager choices we have rounded up to verify your logins are protected.
Through BleepingComputer
You might also like
Source link
