Carphone breach, bad actors run DDoS to cover the attack

Carphone Warehouse disclosed a sophisticated attack that may have impacted more than 2.4 million customers. Attackers covered the breach with DDoS attacks.
On Saturday Carphone Warehouse (CW) was reportedly swamped by hackers than may have accessed personal and financial details of around 2.4 million customers according to the mobile retailer. The data breach affects customers who used, and the websites. But it may not just stop there, apparently customers from iD Mobile, TalkTalk Mobile, Talk Mobile services may have been affected too.

The cybercriminals covered their attack with junk traffic as a smokescreen, while breaking into systems and stealing names, addresses, dates of birth, phone numbers and crucially bank details, sort codes and account numbers. Up to 90,000 customers may also have had their encrypted credit card details accessed.

They used DDoS attacks while carrying out more significant data breaches, this type of pre-attack can have two main reasons, to keep security response staff too busy to follow up alerts that can provide an early warning sign of intrusion, and to trick them into relaxing security controls such as firewall rules. While attacking with junk data the attackers left enough bandwidth available for a subsequent attack to infiltrate the network.

Smokescreen attacks as they are being referred is thought to have been used previously on Sony's PlayStation Network 2011's assaults and against US banks since at least 2012. The high values of the losses lead security companies and their clients to closure to public information on the security details in these cases until they are solved. As a result, these types of attacks appear to be effective and are becoming more common, especially Internet-connected businesses that house sensitive data.

Carphone Warehouse, is in the process of contacting customers affected by the breach and the end result might be millions in losses for the company.