- Cyber criminals leaked stolen data in a telegram -channel
- Nearly 3 million items from more than one million people were leaked
- There are ways to reduce the risk
Experts have warned the data stolen in the recent Allianz Life Ransomware attack, leaked to the open internet and have called on affected users to be on their guard.
Sensitive information about “majority” of the insurance company’s 1.4 million customers, including people’s names, addresses, telephone numbers, dates of birth, tax identification numbers and even social security numbers, was published in a telegram group created by Shinyhunters, scattered Spider and Lapsu $ threat players.
In total, 2.8 million data registers for both individual customers and business partners were seized as part of a wider attack on Salesforce deposits. In addition to Allianz Life, the group also took credit for a number of other high -profile events, including the attack on Internet archive, Pearson and Coinbase.
Stay protected
Usually, cyber criminals will require a ransom payment in return for deleting the stolen files and not leaking it on the internet.
So if these files were published, it is safe to assume that Allianz Life has decided not to pay (or the negotiations collapsed for other reasons). There is always the possibility that the villains leaked the files, even after getting paid because these are after all cyber criminals.
There are several ways that hackers can abuse sensitive files. They can emulate their victims, potentially open bank accounts in their name, apply for loan and credit cards or rack up debt. They can also commit false tax returns, access medical treatment or prescription medication and even get a job illegally, which can cause problems for the victims under background control.
Criminals can also use social security numbers to apply for different social security services, unemployment compensation or welfare.
In particular, the attack is that such items could contain more than enough of sensitive information to hackers to launch very personalized, successful phishing campaigns, leading to identity theft, thread fraud and even ransomware attacks.
How to remain safe
If you are worried, you may have been caught in the incident, don’t worry – there are a number of methods to find out. Do i have? is probably the best resource only to check if your details have been affected, offering a wear and tear of any major cyber event in the last few years.
And if you save passwords to a Google account, you can use Google’s password tool to see if anyone has been compromised, or sign up for one of the password administrator settings we’ve rounded off to make sure your login is protected.
Via Bleeping computer
