Transak data breach affects over 92,000 users following phishing attack


Transak , a firm providing crypto on-ramp services, has recently reported a data breach impacting over 92,000 users due to a phishing incident

Transak , a firm providing crypto on-ramp services, has recently reported a data breach impacting over 92,000 users due to a phishing incident. The breach, which exposed Know Your Customer (KYC) data, underscores persistent cybersecurity challenges within the cryptocurrency sector.

In a blog post from 21 October 2024, Transak shared that the breach was linked to a phishing attack on an employee's laptop. This vulnerability granted the attacker access to a third-party KYC vendor’s system used by Transak for identity verification processes. The compromised data includes users’ personal information such as names, birth dates, passports, driver’s licences, and ID selfies, affecting 92,554 individuals, or roughly 1.14% of Transak’s user base.

Transak clarified that no financial data was compromised in the breach. According to the company, no email addresses, phone numbers, passwords, credit card information, Social Security numbers, or other financial records were affected. Assessing the breach's severity Classified as ‘mild to moderate’ in severity, the breach involved only basic identity verification details without more sensitive financial data.

Transak officials confirmed this classification, noting that financial statements and Social Security numbers were not accessed, potentially minimising immediate risk to users. However, a ransomware group has claimed responsibility, asserting possession of over 300GB of sensitive data that includes government-issued IDs. The group also claimed that they would release or sell remaining data if Transak did not meet their ransom demands.

They criticised Transak’s reported offer of USD 30,000 to delete the data, describing it as inadequate. According to Transak, the breach occurred because the affected employee engaged in non-work-related activities on their laptop. A malicious script infected the device, enabling access to the KYC system.

The employee has since been dismissed. Despite the ransomware group’s assertion that they obtained further sensitive documents, Transak has refused to negotiate. Company officials voiced doubts over the group’s claims of additional data, asking for proof of any wider access.

The breach highlights ongoing cybersecurity risks even among established players, reminding the industry of the need for robust security measures. Transak’s response to this breach will likely be observed closely by regulators and industry participants, emphasising a continued focus on strengthening security within the crypto ecosystem. Source: Link .


Oct 29, 2024 08:40
Original link