A group of hackers trades a database of information stolen from FlexBooker, a cloud-based appointment scheduling tool, that contains sensitive customer data. according to PCThe company had a security breach before the holidays and notified its customers of the attack in an email, revealing that Amazon AWS servers had been hacked on December 23. It also admitted that its system data storage had been accessed and downloaded.
Based on information from Have I Been Pwned, the hack compromised 3.7 million accounts containing email addresses, names, passwords, phone numbers and partial credit card numbers. PC He says a group called Uawrongteam took credit for the attack and shared links to archives with the stolen data, which the group claimed also included users’ driver licenses and other identifiers, password salt and hashed passwords. Typical FlexBooker clients are people who need to be able to quickly schedule appointments with clients, such as doctors, lawyers, dentists, gyms, mechanics, salons, trainers, therapists, etc.
In the email sent to users by Flexbooker, it said the hackers failed to obtain “any credit card or other payment card information.” We believe the company did not take the stolen partial credit card numbers into account. Prior to using Flexbooker, Uawrongteam had previously claimed other data breaches and had also exchanged databases with information stolen from its previous targets. It includes data from Racing.com, the digital television network that broadcasts horse racing, and from the rediCASE case management software solution for health services and other companies.
All products recommended by Engadget are handpicked by our editorial team, independently of the parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.