Case Study: FlexBooker Breach December 2021 

Case Study: FlexBooker Breach

December 2021

FlexBooker, an appointment scheduling service, was another high-profile victim of a massive data breach affecting roughly 3 million users just before the holidays. The threat actors unlawfully accessed sensitive data such as drivers’ licenses, photos, and other ID information, posting them on various hacker forums. The group managed to compromise FlexBooker’s data by exploiting its AWS configuration. Once inside, they installed malware onto the servers, which allowed them to gain full control over the system. Perhaps unsurprisingly, various professionals, including lawyers, accountants, and consultants, left the platform after the incident, affecting the company into 2022.

Link: https://www.electric.ai/blog/recent-big-company-data-breaches

Using the concept of CIA triad, assign a low, moderate, or high impact level for the loss of confidentiality, integrity, and availability respectively to the FlexBooker case above.  Provide as much as details as possible to justify your analysis rating.