Coinbase denies data breach reports, and according to Au10tix, there is no evidence that the credential leaked was used to obtain customer data.
On June 27, Coinbase, a cryptocurrency exchange, denied any knowledge of a data breach involving its clients and the Au10tix compliance platform.
The statement was issued in response to a report on June 26 that asserted that the employee credentials of Au10tix had been disclosed on Telegram. The Coinbase logo is prominently displayed on the Au10tix website, which suggests that Coinbase is one of its clients.
“At present, we are not aware of any data exposure on Coinbase and will continue to monitor the situation,” stated a Coinbase representative to Cointelegraph.
Au10tix is an identity verification platform purportedly utilized by various platforms, including Uber, Fiverr, TikTok, X, and Coinbase. It maintains the photo IDs of users and other identifying information on behalf of the platforms it supports.
A representative from Au10tix clarified that an employee credential was compromised, resulting in the potential accessibility of “PII [personally identifiable information] data.” Nevertheless, “we cannot identify any indication that data has been exploited in any capacity, as per our current research.”
On June 26, 404 Media reported that the compliance platform “may have exposed a set of administrative credentials online for over a year, which could have allowed hackers to access sensitive data.”
According to reports, cybersecurity firm SpiderSilk uncovered the credentials on Telegram. The credentials may have been obtained by an assailant who infected the computer of an Au10tix employee with malware.
A SpiderSilk security researcher reportedly used the leaked credentials to access consumer data from at least one of the platform’s clients, demonstrating that the data was accessible to anyone who possessed it.
“The data comprised the individual’s name, date of birth, nationality, identification number, and the type of document uploaded, such as a driver’s license.” The report also indicated that a link within the data provided access to genuine images of “American drivers’ licenses.”
Cointelegraph was informed by an Au10tix representative that the credentials have been “completely removed” and that the customer data can no longer be accessed through them.
Furthermore, they asserted that “[a]fter conducting a comprehensive security review, we have determined that our system did not experience any data leakage or malicious activity.”
Additionally, the compliance platform has implemented additional measures to prevent the recurrence of incidents such as this one. The representative declared:
“We disconnected the relevant operational system and replace[d] it with more secured systems. We are reviewing our security procedures and harden[ing] security controls across all IT assets. We appointed a dedicated team to continuously monitor for any future activity.”
Au10tix asserted that it “complies with and will continue to comply with the most stringent industry standards, market demands, and recent best practices.”
Coinbase did not affirm or deny using Au10tix to store customer data. However, it asserted that it was unaware of any data breach involving its consumers due to the reported incident.
In most jurisdictions, centralized crypto exchanges are mandated to conduct Know Your Customer (KYC) verification. This process involves requesting images of customers’ driver’s licenses or passports.
Advocates contend that this procedure is essential to prevent the use of exchanges for money laundering. However, detractors argue that the practice infringes upon the privacy of users.