CityBee customer anxiety: surprised by unclear connection attempts, bank card changes

As you know, on Monday evening it was announced that 110 thousand people participated in an online forum. Information about CityBee customers registered in Lithuania.

It was later clarified that not only customers’ first names, last names, and personal codes were leaked, but also phone numbers, email addresses, residential addresses, driver’s license numbers, and encrypted passwords.

The company itself claimed that it does not collect confidential information related to customers’ payment methods. The date of February 22, 2018 has also been named; According to CityBee representatives, data from customers who had previously registered was leaked.

For his part, the person who offered to buy the database on the “000” forum said that he had not done anything illegal. “I didn’t break anything, all the data was publicly available,” he said in a message.

PIN requested

Sandra “Delfi” from Vilnius said that on Monday and Tuesday she was surprised to see requests to log into her Smart-ID account, which is used to confirm actions in electronic banking.

“I did not buy anything at that time, I did not connect to the gateway to e-government,” he said. – Of course, I did not approve. After that I looked at the bench to see if there was any scanning at times. In fact, I’ve experienced situations like this before, but I’ve never suffered. “

Sandra considered that these tests were probably just a coincidence and not related to the CityBee situation.

“Especially since it was a long time ago that those connections appeared. I also believe that in the case of CityBee, the bank card details are in the account. Perhaps some other data has been leaked, not just what is being communicated ”, doubted the interlocutor.

She said she did not verify the data breaches herself because she did not trust the websites that allowed her to do so.

“I think it’s not safer to check because there is a tracking system, then I’ll keep catching me, look what I was looking for,” he said.

Sandra added that she was an early CityBee user, so there is almost no doubt that her data has been leaked.

In the wake of the scandal, the woman said she changed most of her passwords and removed the card details from her CityBee account.

“I don’t plan to change the card itself because I trust the bank’s security systems,” he said.

I tried connecting to Spotify

Another Delfi interlocutor, Tom, said that someone tried to log into his wife’s Spotify account on the night of Monday to Tuesday.

“It drew a warning that someone was trying to break in,” he recalled.

“After that, I spit on everything and changed absolutely everything: from passwords to bank cards,” Tom said.

He explained that he used the same card, for example, to buy on Amazon; there was the same CityBee password, so the man decided not to take chances.

“When you go to your bank, you can ask for a new card and you can block the existing one and ask for the same new one,” he explained.

Tom said that two-factor authentication continues to rise everywhere.

Specialized evaluation

After listening to Sandra and Tomas’ stories, ESET Lietuva IT engineer Ramūnas Liubertas estimated that in the case of the former, it was probably a coincidence, and in the case of the latter he was not so sure.

“The leaked data is username, last name, personal identification number, login, email. Email address and password encrypted but easily decrypted. There is no leaked information related to the bank. When connecting to the bank, it is requested a user ID, this is not available in the leaked CityBee information. So there is probably a match here, “he said.

As for Spotify, the CityBee usernames and passwords may have matched here.

“If so, then there is a possibility.

On the other hand, the person selling the database said that they did not sell it to people with bad intentions. It is said to be sold only to researchers. “They are unlikely to try to use that information now,” Liubert said.

In any case, the specialist urged all owners of the leaked data to change their login passwords as soon as possible, to enable two-factor authentication.

“Of course, we must be vigilant, because along with other data, the residences have also been leaked. It is necessary to warn relatives, especially the elderly, as scammers can turn to parents and other close people.

For example, Facebook detects a list of loved ones and can take advantage of it. Say, here it is: First name Last name, with the corresponding personal code, you live at this address – money needs to be transferred. 115 thousand are filtered, it is a very large amount ”, commented R. Liubertas.