On September 19th, Voicenter became a victim of a Data Breach and a Ransomware attack.
On September 21st, the attackers began leaking stolen data to the public.
According to the attackers, they are in possession of 15 Terabytes of data related to Voicenter and ~8,000 of their clients. This information consists of names, emails, phone numbers, call recordings, screenshots of Gmail/Whatsapp conversations, and more potentially very sensitive data.
Organizations that do not use Voicenter’s services are possibly indirectly at risk, due to the potentially compromised information of their employees – who could be the clients of one of the directly compromised companies due to this breach.
The full list of compromised clients is unknown at this point, nor is the full extent of the attack. It is known that some data of the following companies was compromised: Etoro, Gett, 018, Alljobs, Checkpoint, HackerU, Mobileye, Myheritage, Partner, and Similarweb.
A common side effect of large-scale data breaches is an increase in targeted phishing attacks against directly/indirectly affected organizations.
We urge extra caution when receiving text messages, emails, and phone calls, which means:
- Carefully review the content of the message/mail before clicking on links or opening attachments, when phishing, the attacker usually attempts to use scare tactics and urgency.
- Avoid sharing private/sensitive information via text or phone with unknown parties.
- When in doubt, report the incident for further investigation.
Remember that phishing can look very real, addressing the victim with the information he/she would assume only a legitimate body would know, therefore training is vigilance is necessary to mitigate such risks.