Cyber Incident Victim: Phone House Spain
Date: Apr 2021
Location: Spain
Summary
A ransomware attack targeted a Spanish telecommunications company, compromising data of approximately three million users. The Babuk group demanded a $6 million ransom in Bitcoin, threatening to disclose the breach publicly if unpaid, and subsequently released screenshots of accessed databases. Despite attempts to contact the organization for comment prior to the leak, no response was received, and media coverage followed the group's disclosure of stolen data.
Description
The Babuk ransomware group attacked Phone House Spain, with the incident becoming public around April 15-16, 2021. Attackers demanded a $6 million ransom (approximately 97 bitcoins at the April 16 exchange rate) and threatened to disclose stolen data publicly if payment was not made by April 17. SuspectFile attempted to contact Phone House Spain on the morning of April 16 to alert them about the impending deadline but received no response. The ransomware group followed through on its threat by releasing screenshots of compromised databases on April 17, confirming the breach through its dedicated leak site. Spanish media outlets subsequently reported the incident after reviewing these published materials, though Phone House Spain had not publicly acknowledged any communication with either the attackers or journalists at this stage.

The attack compromised personal data belonging to approximately 3 million customers, though specific data types were not detailed beyond the database screenshots displayed by Babuk. No evidence emerged regarding Phone House Spain's containment measures, incident detection methods, or system recovery processes. The company's lack of response to media inquiries left the scope of operational disruption and technical impact unverified. Financial consequences remained unreported, with no confirmation of whether the ransom was paid or if further data disclosures occurred beyond the initial screenshot release. Customer notification procedures and regulatory disclosures were not documented in available sources following the breach announcement.
