DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Sg: Vhive alerts consumers to cyberattack

Posted on March 29, 2021 by Dissent

Vhive, a popular retail furniture chain in Singapore, has posted a notice on their web site and Facebook page announcing  a cyberattack that occurred on March 23.

Vhive announces hack on FB

Based on information provided to DataBreaches.net by the threat actors, this appear to have been a double extortion attack by ALTDOS threat actors that involves more than 300,000 customer records as well as other types of documents including transactions records and payment records. According to Vhive, the attack did not involve NRIC numbers (national registration identity card numbers required for every Singapore resident over age 15). Nor did it reportedly involve any financial information or credit card data.

The initial attack of vhive.com.sg allegedly occurred on March 21, with the private network server breached on March 22. A timeline claimed by the threat actors indicates that Vhive was able to recover its site and files using backups on March 23, but allegedly “failed to resolve major vulnerabilities, allowing ALTDOS to continue our attacks.” Those attacks allegedly continued on March 25, when ALTDOS downloaded source coding and files, and “encrypted all files on its server with a ransomware attack.”

As proof of compromise, ALTDOS provided a number of mp4’s showing them scrolling through directories and folders. They also provided some screencaps, including the one below which has been redacted by DataBreaches.net. It shows that there were more than 300,000 records in the “systemv” “customer” table. DataBreaches.net has redacted the customers’ names, addresses, and mobile phone numbers.

Vhive Customer Records

The threat actors do not indicate what kind of ransomware was involved, but in a past attack, they had informed this site that they generally avoid ransomware and had simply used AES 256 encryption.

According to the attackers, there was some negotiation with Vhive management on March 26, and when they asked for more time, ALTDOS gave the firm a 48-hour deadline.  On March 28, Vhive announced the breach on its web site and terminated negotiations with ALTDOS, who predictably responded by announcing that they  will start dumping data within a few days.
DataBreaches.net reached out to Vhive to ask for more details about the ransomware aspect and to inquire whether they wished to make any additional statement about the attack. This post will be updated if or when a response is received.
 

 

 

Category: Business SectorHackNon-U.S.

Post navigation

← Hackers backdoor PHP source code after internal repo hack
Hackers hit Harris in latest ‘highly sophisticated’ cyber attack →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Data breach of patient info ends in firing of Miami hospital employee
  • Texas DOT investigates breach of crash report records, sends notification letters
  • PowerSchool hacker pleads guilty, released on personal recognizance bond
  • Rewards for Justice offers $10M reward for info on RedLine developer or RedLine’s use by foreign governments
  • New evidence links long-running hacking group to Indian government
  • Zaporizhzhia Cyber ​​Police Exposes Hacker Who Caused Millions in Losses to Victims by Mining Cryptocurrency
  • Germany fines Vodafone $51 million for privacy, security breaches
  • Google: Hackers target Salesforce accounts in data extortion attacks
  • The US Grid Attack Looming on the Horizon
  • US govt login portal could be one cyberattack away from collapse, say auditors

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • How the FBI Sought a Warrant to Search Instagram of Columbia Student Protesters
  • Germany fines Vodafone $51 million for privacy, security breaches
  • Malaysia enacts data sharing rules for public sector
  • U.S. Enacts Take It Down Act
  • 23andMe Bankruptcy Judge Ponders Trump Bill’s Injunction Impact
  • Hell No: The ODNI Wants to Make it Easier for the Government to Buy Your Data Without Warrant
  • US State Dept. says silence or anonymity on social media is suspicious

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.