Sat Oct 12 2024

Millions of conversations exposed after the hacking of an artificial intelligence call center.

Criminals are offering for sale online an extensive database containing confidential personal information.

A major call center service provider in the Middle East has fallen victim to a cyberattack that exposed a large amount of private customer data. Researchers from Resecurity detected hackers attempting to sell the stolen database on the dark web through a thread on the Breached forums, where threat actors commonly exchange resources and buy and sell information.

In this thread, the seller claimed to have compromised a prominent AI-powered call center in Saudi Arabia and gained access to its administrative control panel. There, they found over 10 million interactions between consumers, operators, and AI bots. Investigations indicated that these conversations contained sensitive information, such as national identification documents, which would allow criminals to build a powerful database of current and relevant information.

The attacker’s offer included significant data: "Sale: 1,000 business customers, 1 million end users (those using their chat services, such as in banks and airlines), over 10 million chat/messages communications, gigabytes of documents (sent by customers and attached while interacting with the AI assistant) - Access to the administrative panel + VPN (engineer) offered as a bonus." This information is extremely valuable to criminals, who could use it for phishing attacks, identity theft, social engineering, and other criminal activities.

The announcement highlights that access to this database is useful for social engineering tactics, especially when in direct contact with customers. It states that a VPN is required to securely access the data. The database is being sold for $15,000, payable in Bitcoin or Monero.

Resecurity was able to quickly identify and remove the attackers from the systems, so the access being sold with the database is likely no longer valid. However, the damage from the stolen database persists.