92,554 Users Exposed As Crypto Payments Firm Reveals Attacker Accessed Names, Birth Dates, Passports, Drivers Licenses and More

AUS-basedcryptopaymentsfirmsaystensofthousandsofusersareexposedafterahackergainedaccesstoanemployee’slaptop.

Thefiat-to-cryptopaymentproviderTransaksaysthesecurityincidenthasaffected92,554ofitsusers.

AccordingtoTransak,theattackerobtainedunauthorizedaccessthrougha“sophisticatedphishingattack.”

Withtheemployee’scredentials,theattackerwasabletologintoathird-partyKYC(knowyourcustomer)vendorthatTransakusesforcustomerdocumentscanningandverificationservices.

Oncecompromised,theattackerwasabletoaccessthepersonalinformationofsomeuserswhohadgonethroughtheKYCprocess.

Thehackerwasultimatelyabletoaccesscustomers’names,dateofbirth,IDdocumentslikepassportsanddriver’slicensesandselfiephotosandvideos.

Althoughsensitiveidentificationdocumentswereexposed,Transaksaysitdoesnotbelieveprivatefinancialinformationhasbeenaccessed.

“Afterourthoroughchecks,wecanconfidentlyconfirmthatnofinanciallysensitiveinformation,includingemailaddresses,phonenumbers,passwords,creditcarddetails,SocialSecurityNumbers,oranyotherfinancialdata,wascompromisedinanyway.Ourfinancialsystems’securitymeasuresremainrobust,andwecontinuetoprotectallcriticaldata,ensuringthehighestlevelofprivacyandsecurityforourusers.

Transakoperatesasafullynon-custodialplatform,meaningthatuserfunds—whetherfiatorcryptocurrency—areneverheldbyusandthereforeremaincompletelysecureandunaffectedbyanysuchattack.Usersretainfullcontrolovertheirassetsatalltimes,ensuringthatnofundsareeveratrisk.”

Transaksaystheaffectedusersamountto1.14%ofitscustomerbase.

GeneratedImage:Midjourney

dailyhodl.com