DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

SG: Vhive attackers escalate, take control of furniture retailer’s email server

Posted on April 3, 2021 by Dissent

On March 29, DataBreaches.net reported a confirmed hack of Singapore retail furniture chain Vhive. Previous coverage of the attack, as reported by ALTDOS threat actors and as reported by the firm on their site can be found here.  At the time of that publication, ransom negotiations between the firm and the attackers appeared to have broken off.

At some point, however, it appears that Vhive agreed to pay $75,000 USD. But the firm reneged and missed the agreed-upon April 2 payment date. Within hours of them missing that deadline, ALTDOS attacked them for a third time and took over their mail server. Yesterday, in a series of emails, ALTDOS informed this site that VHive had

sent us a message today that their management intends to instead allocate funds to compensate their customers whom have been affected by the data breach. ALTDOS scan through their email server, apparently Vhive has not informed their customers individually with regards to the personal data breach. Based on research, it is required legally for Vhive to inform their customers of a personal data breach within 3 days from knowledge of the hack.

Not to worry, ALTDOS has already assisted Vhive to send a message to their customers, informing them about their personal data breach.

Indeed, ALTDOS demonstrated that they had control of Vhive’s email server and sent out emails to customers. Those emails told customers that Vhive had been hacked. A copy of the email, provided to DataBreaches.net, says, in part:

Due to this unfortunate breach of agreement by VHIVE, ALTDOS hereby inform you that 300,000 customers’s personal information will be published publicly. The first 10,000 customer records has been published on https://[redacted by DataBreaches.net] and 50 other public data dump sites. 20,000 additional records will be published each day, starting today until Vhive management agrees to our demand. This action is neccesary to punish VHIVE management for making empty promises to ALTDOS and showing no concern for the safety of their customers

ALTDOS has stolen all of VHIVE’s coding and databases, including 311,468 customer personal information, 352,210 delivery records, 471,553 payment records, 584,979 transaction records and all other financial or corporate data.

If customers attempted to email Vhive to ask if the email from the firm was for real, they received an auto-responder from ALTDOS. The auto-response stated  that ALTDOS had compromised Vhive for the third time since March 22, and it linked to a data dump of customer data, warning that more would be dumped each day. The data dump contained the following fields: “firstname, lastname, email, password, address1,address2, postal, country, mobile.”

Even as of this morning, ALTDOS still appeared to be in control of Vhive’s mail server, but has informed DataBreaches.net that Vhive has regained control of it.

DataBreaches.net has reported on previous attacks by ALTDOS in Thailand and Bangladesh. The threat actor(s) focus on ASEAN (Association of Southeast Asian Nations) entities.

The Straits Times confirms that the police are investigating. DataBreaches.net sent an inquiry to the PDPC on Friday to inquire whether Singapore’s data protection commission was also investigating but has received no reply yet.

Related posts:

  • ASEAN companies still targeted by ALTDOS threat actors
  • Forbes Breach Email Statistics
  • From the frying pan into the fire: Thai business angers hackers
  • TeamGhostShell posts “master list” of 548 leaks (so far)
Category: Breach IncidentsBusiness SectorHackNon-U.S.

Post navigation

← “Anonymous” tries to get this site’s post on MobiKwik censored
Buying Breached Data: When Is It Ethical? →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Northern Light Health patients affected by security incident at Compumedics; 10 healthcare entities affected
  • Privacy commissioner reviewing reported Ontario Health atHome data breach
  • CMS warns Medicare providers of fraud scheme
  • Ex-student charged with wave of cyber attacks on Sydney uni
  • Detaining Hackers Before the Crime? Tamil Nadu’s Supreme Court Approves Preventive Custody for Cyber Offenders
  • Potential Cyberattack Scrambles Columbia University Computer Systems
  • 222,000 customer records allegedly from Manhattan Parking Group leaked
  • Breaches have consequences (sometimes) (1)
  • Kansas City Man Pleads Guilty for Hacking a Non-Profit
  • British national “IntelBroker” charged with causing $25 million in damages; U.S. seeks his extradition from France

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • Germany Wants Apple, Google to Remove DeepSeek From Their App Stores
  • Supreme Court upholds Texas law requiring age verification on porn sites
  • Justices nix Medicaid ‘right’ to choose doctor, defunding Planned Parenthood in South Carolina
  • European Commission publishes its plan to enable more effective law enforcement access to data
  • Sacred Secrets: The Biblical Case for Privacy and Data Protection
  • Microsoft’s Departing Privacy Chief Calls for Regulator Outreach
  • Nestle USA Settles Suit Over Job-Application Medical Questions

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.