{"id":17968,"date":"2024-10-22T11:43:02","date_gmt":"2024-10-22T08:43:02","guid":{"rendered":"https:\/\/forklog.com\/en\/data-breach-at-crypto-payment-provider-transak\/"},"modified":"2024-10-22T11:43:02","modified_gmt":"2024-10-22T08:43:02","slug":"data-breach-at-crypto-payment-provider-transak","status":"publish","type":"post","link":"https:\/\/forklog.com\/en\/data-breach-at-crypto-payment-provider-transak\/","title":{"rendered":"Data Breach at Crypto Payment Provider Transak"},"content":{"rendered":"<p>The cryptocurrency payment provider Transak <a href=\"https:\/\/transak.com\/blog\/transak-security-incident-oct-2024\">confirmed<\/a> that a third party gained partial access to the data of 92,554 users (1.14% of the total database). The company asserts that no financially sensitive or critically important information was compromised.<\/p>\n<p>According to the team, the hacker gained unauthorized access to a platform employee&#8217;s laptop through a phishing attack. <\/p>\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p>\u201cUsing compromised credentials, the attacker was able to log into the system of a third-party <span data-descr=\"Know Your Customer\" class=\"old_tooltip\">KYC<\/span> service provider that we use for document scanning and verification,\u201d Transak clarified. <\/p>\n<\/blockquote>\n<p>Through the provider&#8217;s control panel, the hacker accessed the following client data:<\/p>\n<ul class=\"wp-block-list\">\n<li>names;<\/li>\n<li>dates of birth;<\/li>\n<li>identity documents (e.g., passports, driver&#8217;s licenses);<\/li>\n<li>user selfies.<\/li>\n<\/ul>\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p>\u201cAfter thorough checks, we can confidently confirm that no financially sensitive information, including email addresses, phone numbers, passwords, credit card data, or social security numbers, was compromised in any way,\u201d the security team emphasized. <\/p>\n<\/blockquote>\n<p>Transak operates as a fully non-custodial platform and does not store user funds.<\/p>\n<p>Despite no signs that hackers misused the obtained information, clients were advised to remain vigilant and monitor for suspicious activity. The service promised to send guidance on further actions to all affected users.<\/p>\n<p>To localize and investigate the incident, the team engaged leading external cybersecurity experts. The UK&#8217;s Information Commissioner&#8217;s Office and other regulatory bodies in the EU and US have been informed of the situation. <\/p>\n<p>In a comment to <a href=\"https:\/\/www.coindesk.com\/ru\/tech\/2024\/10\/21\/crypto-on-ramp-service-transak-targeted-in-data-breach\/\">CoinDesk<\/a>, Transak CEO Sami Start stated that the employee responsible for the breach was dismissed.<\/p>\n<p>It later emerged that the ransomware group Stormous claimed responsibility for the hack.<\/p>\n<blockquote class=\"twitter-tweet\">\n<p lang=\"en\" dir=\"ltr\">?Cyberattack Alert \u203c\ufe0f<\/p>\n<p>??USA \u2014 Transak<\/p>\n<p>Stormous hacking group claims to have breached Transak, a developer integration for a fiat-to-crypto payment gateway.<\/p>\n<p>Allegedly, 300 GB of sensitive personal documents, including government-issued IDs, proof of address, financial\u2026 <a href=\"https:\/\/t.co\/edy856IfQZ\">pic.twitter.com\/edy856IfQZ<\/a><\/p>\n<p>\u2014 HackManac (@H4ckManac) <a href=\"https:\/\/twitter.com\/H4ckManac\/status\/1848233052876505342?ref_src=twsrc%5Etfw\">October 21, 2024<\/a><\/p><\/blockquote>\n<p> <script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p>They claim the scale of the stolen data is much broader, including over 300 GB of confidential personal documents, such as proof of address and financial reports.<\/p>\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"322\" src=\"https:\/\/forklog.com\/wp-content\/uploads\/2024-10-22-11.39.08-1024x322.jpg\" alt=\"2024-10-22-11.39.08\" class=\"wp-image-243642\" srcset=\"https:\/\/forklog.com\/wp-content\/uploads\/2024-10-22-11.39.08-1024x322.jpg 1024w, https:\/\/forklog.com\/wp-content\/uploads\/2024-10-22-11.39.08-300x94.jpg 300w, https:\/\/forklog.com\/wp-content\/uploads\/2024-10-22-11.39.08-768x241.jpg 768w, https:\/\/forklog.com\/wp-content\/uploads\/2024-10-22-11.39.08.jpg 1257w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><figcaption class=\"wp-element-caption\">Screenshot of the hackers&#8217; message. Data: <a href=\"https:\/\/t.me\/investigations\/169\">ZachXBT<\/a>.<\/figcaption><\/figure>\n<p>According to them, the leak contains data on \u201cover 1 million users,\u201d who are also clients of other players in the crypto industry.<\/p>\n<p>According to the website, Transak <a href=\"https:\/\/transak.com\/wallets\">integrates<\/a> with MetaMask, Trust Wallet, Coinbase Wallet, Ledger, Bitpay, and other cryptocurrency services. <\/p>\n<p>CoinDesk reports that the Stormous extortionists are demanding $30,000 for data deletion, but the payment gateway is not inclined to negotiate. <\/p>\n<p>Earlier in October, the Binance Labs-backed lending protocol Radiant Capital suffered an attack amounting to over $50 million. The hacker obtained private keys for three out of 11 signatures and altered smart contracts.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>The cryptocurrency payment provider Transak confirmed that a third party gained partial access to the data of 92,554 users (1.14% of the total database). The company asserts that no financially sensitive or critically important information was compromised. According to the team, the hacker gained unauthorized access to a platform employee&#8217;s laptop through a phishing attack. [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":17967,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"select":"","news_style_id":"","cryptorium_level":"","_short_excerpt_text":"","creation_source":"","_metatest_mainpost_news_update":false,"footnotes":""},"categories":[3],"tags":[1198,44,1188],"class_list":["post-17968","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news-and-analysis","tag-crypto-payments","tag-cybercrime","tag-data-breach"],"aioseo_notices":[],"amp_enabled":true,"views":"38","promo_type":"","layout_type":"","short_excerpt":"","is_update":"","_links":{"self":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/posts\/17968","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/comments?post=17968"}],"version-history":[{"count":0,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/posts\/17968\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/media\/17967"}],"wp:attachment":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/media?parent=17968"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/categories?post=17968"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/tags?post=17968"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}