Khaberni - The company "Aura" (Aura), specialized in identity protection, has sparked a wide global controversy, after announcing a security breach involving nearly 900,000 consumer data records.
This incident reveals a striking irony; the company, trusted by millions of users to secure their digital identities, fell victim to a phishing attack targeting human vulnerability, resulting in the exposure of names and email addresses of thousands of current and former customers.
Details of the breach and digital infiltration scenario
According to "tomsguide", the incident began with a voice phishing attack targeting an employee's account, granting an unauthorized party full access for approximately one hour.
The attackers exploited this vulnerability to access a marketing tool belonging to a company that "Aura" had acquired in 2021.
Reports confirmed that the leaked data included contact information for 20,000 current customers and 15,000 former customers, while the rest of the records belong to broader marketing lists.
Ransom struggle and the stance of "ShinyHunters"
The group "ShinyHunters" (ShinyHunters) -known for its track record in data theft and cybercrime- claimed responsibility for the attack, alleging the seizure of 12 gigabytes of files containing personal identification data and corporate information.
The group indicated the failure of negotiations with the company to reach a financial agreement, which led them to publicly release the data.
In response, "Aura" emphasized that its core systems designed to protect sensitive data such as Social Security numbers, financial information, and passwords were not breached, asserting that such data is encrypted and not easily accessible.
The forgotten vulnerability
Official narratives from "Aura" collide with the threats of the extortion group, putting the user in a dilemma; while the company tries to reassure the public that future risks are limited, the "ShinyHunters" group boasts about possessing exceedingly sensitive corporate data.
Real tension lies in "the forgotten vulnerability"; it was revealed that the breach did not originate from the company's modern systems but infiltrated from an old marketing tool acquired by "Aura" in 2021, revealing a significant challenge faced by large companies when integrating security systems of varying strength.
Though technical reports indicate that 90% of this data had already been leaked in previous incidents to other parties, this breach carries a personal and troubling aspect as new leaks included customer service comments and user device IP addresses (IP).
This type of data transforms the breach from mere leakage of mute numbers to an explicit violation of behavioral privacy, providing hackers a precise "map" of a customer's digital movements and past interactions, opening doors to new waves of smartly-targeted fraud and convincing traps.
What should the affected customers do?
"Aura" announced its intention to notify affected customers individually. Practically, affected users are advised to monitor phishing messages that might exploit the leaked data, check their credit records, and consider updating passwords and enhancing two-factor authentication on sensitive accounts.
For its part, the company continues an internal investigation with the participation of external cybersecurity experts and has informed the appropriate law enforcement agencies about the incident.
