A major call center service provider in the Middle East has lost a huge amount of private customer data after a hack.
Resecurity researchers spotted the hackers trying to sell the stolen database on the dark web, via a new thread on the infamous Breached forums, where threat actors commonly share resources, buy and sell information, and communicate.
In the thread, the vendor said they hacked into a large AI-powered cloud call center in Saudi Arabia and gained access to its management dashboard, where they found more than 10 million conversations between consumers, operators and AI bots. These conversations, the researchers further explained, contain things like national identity documents, which the crooks can easily exfiltrate and sort, creating a powerful database of new, relevant information.
Sell access
“Sales: 1,000 business customers, 1 million end users (not customers, but users who use their chats on various services such as banks, airlines, etc.), 10 million+ chat messages/communications, GBs of documents (sent by customers and attached during chat with AI assistant) – gives bonus access to admin panel + VPN (engineer),” the ad reads.
This is incredibly valuable information for threat actors, who can later use it in phishing attacks, identity theft, social engineering attacks, and other malicious activities.
“Big data and access are useful (sic) for social engineering and other maneuvers, especially when in session with the customer. VPN is required to access it under engineer,” the ad concludes.
The database is sold for $15,000, payable in bitcoin or monero.
Resecurity said the attackers were spotted and quickly removed from the systems, so the access sold with the database is most likely no longer valid. However, the damage caused by the stolen database remains.
Via Info security