How DDoS Attack On AWS Results In 3.7m FlexBooker Accounts Being Hacked

An incident report from US-based FlexBooker claims that a massive DDoS attack on AWS allowed the theft of data from over 3 million user accounts. The report shows the attack began on Dec. 23rd and was resolved the next day with the help of AWS technical services. On his HaveIBeenPwned.com site, security researcher Troy Hunt claims to have received the files and said they contained data from 3.7 million accounts. He said “the data included email addresses, names, phone numbers and for a small number of accounts, password hashes and partial credit card data. The data was found being actively traded on a popular hacking forum.”

FlexBooker provides appointment scheduling services for any small business that needs to schedule appointments, such as accountants, doctors, lawyers, hair salons, dentists, therapists and mechanics. According to BleepingComputer, the data has been seen being traded on hacker forums by a group calling themselves Uawrongteam. BleepingComputer wrote that “The same intruders are offering databases claiming to be from two other entities: racing media organization Racing.com and Redbourne Group’s rediCASE case management software, both from Australia.”

Experts Comments

January 10, 2022
Nasser Fattah
Executive Advisor
Shared Assessments

I am not familiar with the particulars of this attack, but I have seen where DDoS attacks are sometimes launched as a distraction (disrupt vital business services), while the adversary's primary goal is to gain access and exfiltrate sensitive information.  We know that there are financial losses associated with system outages, hence, why security teams have all eyes on glass, so to speak, when there is a DDoS attack.  And when this happens, it is important to be prepared for the possibility of a multifaceted attack and be very diligent with monitoring other anomalies happening on the network.
