FlexBooker

FlexBooker operates as a U.S.-based appointment scheduling service that provides a cloud‑based platform for businesses and individuals to manage bookings, calendars, and client interactions. The service is designed to streamline the process of setting up appointments across various industries, allowing users to send reminders, collect information, and handle rescheduling through an online interface. By focusing on the scheduling niche, FlexBooker aims to reduce administrative overhead and improve customer experience for its users. The company’s headquarters are located in the United States of America, indicating its primary market and operational base.

The scale of FlexBooker’s reach became evident during the December 23 2021 data breach, when attackers accessed and downloaded information from over 3.7 million accounts stored in its AWS cloud infrastructure. This incident highlighted the volume of personal data the platform handles, including names, email addresses, phone numbers, password hashes with salts, partial credit card details, and driver’s license photos. The breach also underscored FlexBooker’s specialization in managing sensitive personally identifiable information and authentication credentials as part of its scheduling functionality. Notably, the same threat actor group targeted an Australian racing media organization and a case management software provider simultaneously, suggesting a broader campaign rather than an isolated attack. No explicit details about FlexBooker’s ownership, parent company, or subsidiary relationships are provided in the available sources, so those structural aspects remain unspecified. The incident demonstrated the importance of robust cloud security controls for services that aggregate extensive user data for appointment management.