A data breach involving a crypto-industry employee’s use of a laptop for personal reasons has affected approximately 93,000 unique users of Transak, a platform used by various blockchain companies for customers to purchase cryptocurrencies. The breach, which exposed names and basic identity information, is being considered as “mild or moderate” since it did not compromise sensitive data like social security numbers or credit card details. However, the breach has led to a ransomware group targeting the company and demanding negotiations.
Transak CEO Sami Start stated that the incident impacted 93,000 individuals, including the leakage of passports, ID cards, and selfies used for identity verification with crypto financial products. Although the breach is concerning, only 1.14% of the user base was affected, with no access to bank statements, credit card information, or passwords. The company is taking steps to notify customers, law enforcement, and data regulators about the breach.
The ransomware group responsible for the attack claims to have extracted over 300GB of data, including sensitive personal documents such as government-issued IDs, proof of address, financial statements, and user selfies. They have threatened to leak or sell the remaining data if a ransom is not paid. However, Transak has stated that they are not willing to negotiate with the group.
The breach occurred due to an employee using their work laptop for personal activities, leading to the execution of a malicious script that provided access to the system. The employee has been terminated, and the hacker gained entry to a third-party user authentication service used by Transak. Despite rumors of accessing other systems, Start clarified that the breach was limited to the KYC service.
Transak serves as an onramp for users to transition from fiat to crypto, offering services like purchasing cryptocurrencies via credit card. The platform is integrated into major blockchain wallets and exchanges, facilitating seamless transactions. Start emphasized that the breach was contained within the KYC service and not indicative of a larger system compromise.
As the situation unfolds, Transak is focused on addressing the breach, safeguarding user data, and preventing future incidents. The company’s commitment to transparency and security remains paramount as they navigate the aftermath of the data breach. Customers are advised to remain vigilant and follow any updates provided by Transak regarding the breach.