- Cybercriminals leaked stolen data on a telegram channel
- Almost 3 million records of more than one million people were leaked.
- There are ways to mitigate risk
Experts have warned that the data stolen in the recent Ransomware Allianz Life attack have leaked to the open Internet, and have urged users affected to be guard.
Confidential information about the “majority” of the 1.4 million customers of the insurance company, including the names of people, addresses, telephone numbers, birth dates, fiscal identification numbers and even social security numbers, was published in a telegram group created by Shinyhunters, Spatrtred Spider and Lapsons $ threats.
In total, 2.8 million data records for individual clients and commercial partners were obtained as part of a broader attack against Salesforce instances. In addition to Allianz Life, the group also attributed a number of other high -profile incidents, including the Internet attack Archive, Pearson and Coinbase.
Stay protected
In general, cybercriminals would require a rescue payment in exchange for eliminating stolen files and not filtering it on the Internet.
Then, if these files were published, it is safe to assume that Allianz Life has decided not to pay (or the negotiations broke for other reasons). There is always the possibility that the criminals seecate the files even after they are paid because, after all, they are cybercriminals.
There are numerous ways in which computer pirates can abuse confidential files. They can impersonate their victims, open bank accounts in your name, request loans and credit cards, or accumulate debts. They can also make false tax statements, obtain access to medical treatment or prescribed medications and even get a job illegally, which could cause problems to victims during the background verifications.
Criminals can also use Social Security numbers to request various social security benefits, unemployment compensation or well -being.
The attack is particularly worrying, since these records could contain more than enough information for computer pirates to launch highly personalized and successful phishing campaigns, which leads to identity theft, cable fraud and even ransomware attacks.
How to stay safe
If you are worried that you have been caught in the incident, do not worry, there are a number of methods to find out. Haveibeenpwned? It is probably the best resource to verify if your data has been affected, offering a decrease in each large cybercrime incident of recent years.
And if you keep passwords on a Google account, you can use the Google password verification tool to see if any has committed, or register in one of the password administrator options that we have rounded to ensure that its logs are protected.
Through Bleepingcomputer
