Audio House Customers May Have Gotten Their Personal Details Stolen by Hackers

Gone are the days where a robber has to physically break into your house to grab documents of your personal information and cold hard cash, leaving your house a ransacked mess.

Nowadays, it’s completely different—think more like “Watch Dogs”.

Hackers slip quietly in and out of servers, leaving you none the wiser. They literally have to send you an email, telling you: “Hey you’ve been hacked! Now give me money,” because if they didn’t do the service of informing you, you wouldn’t find out!

And that’s exactly what happened to electronics retailer Audio House.

Data Possibly Stolen By Hacking Group Altdos

According to The Straits Times, customers of the firm may have had their personal details, such as names and contact numbers, stolen by hacking group Altdos.

Audio House informed customers in an email on Monday (31 May) that Altdos gained unauthorised entry into its servers, accessing the membership database and stole information from it.

They then used the stolen data to blackmail the retailer.

Audio House revealed that the database contained information of nearly 180,000 customers. The data that could have been stolen included members’ names, e-mail addresses, home delivery addresses, contact numbers, credits with the company, and members’ past sales transaction records.

However, they reassured that all customer payment details and credit card information are handled by a third-party payment gateway, so no credit card information was stored or possibly breached.

“All our members’ eCashback and credits are safely stored with us, and you will still be able to use them in your purchases with us,” the retailer added.

Altdos has also threatened the company through emails, using fear tactics to pressure them to pay, though Audio House has not responded.

The firm has since apologised to its customers and urged them not to respond to any spam emails from Altdos.

In addition, they advised customers not to spread unverified information about the incident that could bolster the hacking group’s efforts.

Cybersecurity experts previously warned that personal details stolen by hackers could be used by cybercriminals to, among other things, send victims personalised phishing emails that would allow them to steal passwords or drop ransomware to lock up digital files until the crooks are paid.

Measures Taken

Of course, Audio House has lodged a police report and investigations are ongoing.

In a message to their customers, the firm said that they are “working with the police and other relevant authorities, as well as their team of web experts to investigate the breach and take measures to protect our customers’ interests.”

It has since strengthened its firewall and the system’s security after the breach and has suspended its website temporarily to conduct more tests and the firewall upgrade.

What is Altdos?

This isn’t Altdos’ first rodeo.

The hacking group attacked local furniture retailer, Vhive, back in April, seizing and leaking the records of over 300,000 customers.

Concentrated on stock exchanges and financial institutions, Altdos has a serial knack for stealing customer data from companies, blackmailing them, leaking the data online if their demands are not met and publicising the info.

In January, it reportedly broke into the IT infrastructure of Bangladeshi conglomerate Beximco Group and stole data from 34 databases.

“In total, Altdos has stolen hundreds of gigabytes of files, source coding and databases from 34 of Beximco websites, including its telecom subsidy—BOL-ONLINE.COM,” a spokesperson of the group allegedly said.

And in December 2020, it breached a Thai securities trading firm’s defences and subsequently leaked stolen data when the firm ignored its e-mail and demands.

Altdos is said to have conducted cyber-attacks in other countries as well, including the Philippines and Malaysia.

Mega yikes.

Feature Image: Rawpixel.com/ Shutterstock.com