DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Sg: Vhive alerts consumers to cyberattack

Posted on March 29, 2021 by Dissent

Vhive, a popular retail furniture chain in Singapore, has posted a notice on their web site and Facebook page announcing  a cyberattack that occurred on March 23.

Vhive announces hack on FB

Based on information provided to DataBreaches.net by the threat actors, this appear to have been a double extortion attack by ALTDOS threat actors that involves more than 300,000 customer records as well as other types of documents including transactions records and payment records. According to Vhive, the attack did not involve NRIC numbers (national registration identity card numbers required for every Singapore resident over age 15). Nor did it reportedly involve any financial information or credit card data.

The initial attack of vhive.com.sg allegedly occurred on March 21, with the private network server breached on March 22. A timeline claimed by the threat actors indicates that Vhive was able to recover its site and files using backups on March 23, but allegedly “failed to resolve major vulnerabilities, allowing ALTDOS to continue our attacks.” Those attacks allegedly continued on March 25, when ALTDOS downloaded source coding and files, and “encrypted all files on its server with a ransomware attack.”

As proof of compromise, ALTDOS provided a number of mp4’s showing them scrolling through directories and folders. They also provided some screencaps, including the one below which has been redacted by DataBreaches.net. It shows that there were more than 300,000 records in the “systemv” “customer” table. DataBreaches.net has redacted the customers’ names, addresses, and mobile phone numbers.

Vhive Customer Records

The threat actors do not indicate what kind of ransomware was involved, but in a past attack, they had informed this site that they generally avoid ransomware and had simply used AES 256 encryption.

According to the attackers, there was some negotiation with Vhive management on March 26, and when they asked for more time, ALTDOS gave the firm a 48-hour deadline.  On March 28, Vhive announced the breach on its web site and terminated negotiations with ALTDOS, who predictably responded by announcing that they  will start dumping data within a few days.
DataBreaches.net reached out to Vhive to ask for more details about the ransomware aspect and to inquire whether they wished to make any additional statement about the attack. This post will be updated if or when a response is received.
 

 

 

Related posts:

  • ASEAN companies still targeted by ALTDOS threat actors
  • SG: Vhive attackers escalate, take control of furniture retailer’s email server
  • From the frying pan into the fire: Thai business angers hackers
  • ALTDOS claims to have hacked one of Malaysia’s biggest conglomerates
Category: Business SectorHackNon-U.S.

Post navigation

← Hackers backdoor PHP source code after internal repo hack
Hackers hit Harris in latest ‘highly sophisticated’ cyber attack →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Texas Centers for Infectious Disease Associates Notifies Individuals of Data Breach in 2024
  • Battlefords Union Hospitals notifies patients of employee snooping in their records
  • Alert: Scattered Spider has added North American airline and transportation organizations to their target list
  • Northern Light Health patients affected by security incident at Compumedics; 10 healthcare entities affected
  • Privacy commissioner reviewing reported Ontario Health atHome data breach
  • CMS warns Medicare providers of fraud scheme
  • Ex-student charged with wave of cyber attacks on Sydney uni
  • Detaining Hackers Before the Crime? Tamil Nadu’s Supreme Court Approves Preventive Custody for Cyber Offenders
  • Potential Cyberattack Scrambles Columbia University Computer Systems
  • 222,000 customer records allegedly from Manhattan Parking Group leaked

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • Germany Wants Apple, Google to Remove DeepSeek From Their App Stores
  • Supreme Court upholds Texas law requiring age verification on porn sites
  • Justices nix Medicaid ‘right’ to choose doctor, defunding Planned Parenthood in South Carolina
  • European Commission publishes its plan to enable more effective law enforcement access to data
  • Sacred Secrets: The Biblical Case for Privacy and Data Protection
  • Microsoft’s Departing Privacy Chief Calls for Regulator Outreach
  • Nestle USA Settles Suit Over Job-Application Medical Questions

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.