Flexbooker Suffers Massive Data Breach, Millions Of Users Compromised

Appointment scheduling service FlexBooker clients were on the receiving end as threat actors have made off with the data of three million users. The Flexbooker Data breach happened before the holidays, and the compromised data is now being sold on hacker forums.

The perpetrators offered the databases of information of two clients already. The first database pertains to Racing.com and the other one to rediCASE, Redbourne Group’s case management software. Both the clients are from Australia.

Details about FlexBooker Data Breach:

A lock and keys with the words "Security Breach"

FlexBooker suffered all three breaches a few days before Christmas, and the unlawfully obtained data was published on a hacker forum. This breach is massive as various clients of FlexBooker widely use the service to synchronize their employee calendars and plan appointments.

From accountants to lawyers, business owners of various enterprises have reaped the services of FlexBooker. The primary service they used was appointment scheduling. This is the worrying aspect of this entire incident, as personal information is often required to book appointments.


Also Read: Broward Health Data Breach: Data of 1.3Mn Patients Ends Up in Wrong Hands!


A group called “Uawrongteam” has claimed responsibility for this attack. They have shared links to data containing sensitive information. The compromised data includes photos, drivers’ licenses, and other ID information.

The group has elaborated that the database it possesses contains a table of 10 million lines that details the customer ID information. Ranging from payment forms to driver’s license photos, the hacker group has pilfered a lot of information from this table.

The group commented that the database’s “juicy columns” contain names, contact information, password salt, and hashed passwords.

FlexBooker was forthcoming as it acknowledged the incident by sending a notification to its customers that hackers “accessed and downloaded” data housed on AWS, the Amazon cloud storage system.


Also Read: Crypto Firm ONUS Suffers Data Breach, Data of 2 Mn Customers Put for Sale!


“On December 23, 2021, starting at 4:05 PM EST, our account on Amazon’s AWS servers was compromised,” read their official notification. FlexBooker placated its affected customers that the hackers didn’t possess any payment information, which included credit cards.

FlexBooker cautioned its users to stay vigilant and to watch their account statements for any suspicious activity. Initially, it was assumed that the incident was a distributed denial of service (DDoS). Only later was it uncovered that the personal information of customers was compromised. As per “Have I Been Pwned data breach service”, “Uawrongteam” made off with the data of more than 3.7 million accounts.

How Stealthlabs can help you

Breaches have multiplied in recent times. Of late, the magnitude and aftereffects of these attacks have increased. It is pertinent never to ignore security, and one has to employ Stealthlabs as we are one of the leading names in the security arena.

From two-factor authentication to cutting-edge customized security solutions, our clients’ solutions are fortified with unparalleled security. So, reach out to us and walk away with a solution that stands the test of time.

Contact Us


More Articles: