Transak Hack Exposes 92K Users

Transak revealed that a phishing attempt had infiltrated an employee’s laptop, leading to a data breach that affected over 92,000 users.

Transak, a cryptocurrency on-ramp company, has revealed that over 92,000 members were impacted by a recent data breach.

In a blog post published on October 21, the business stated that it had discovered that a hostile actor had used a phishing attempt to obtain access to a worker’s laptop and expose them to “specific user information stored within the vendor’s dashboard.”

The attacker gained access to the system of a third-party Know Your Customer vendor that we engage for document scanning and verification services by breaching employee credentials. Ninety-two thousand five hundred fifty-four people, or 1.14% of Transak’s user base, had their sensitive information, including names, dates of birth, passports, driver’s licenses, and pictures, compromised.

Transak’s fiat-to-crypto gateway allows consumers to exchange fiat currency for digital assets. It interfaces directly with decentralized apps (DApps) and cryptocurrency wallets for transactions. The business offers non-custodial on-ramps for well-known cryptocurrency wallets and exchanges, including Coinbase, MetaMask, and Binance. The Transak claims that no financial data was compromised in the attack:

“After our thorough checks, we can confidently confirm that no financially sensitive information, including email addresses, phone numbers, passwords, credit card details, Social Security Numbers, or any other financial data, was compromised in any way.”

Transak is reaching out to affected users. The corporation stated that regulators in the US, the UK’s data protection agencies, and the European Union have all been informed. “If we do not email you, then you have not been affected,” the statement reads.

Another event of a similar nature impacted investors at Fidelity. The financial company, one of the companies that issues cryptocurrency exchange-traded products (ETPs), recently revealed that between August 17 and August 19, over 77,000 consumers’ personal information was stolen due to a data breach.

The incident was the fourth data breach that Fidelity had experienced in the previous 12 months; the others happened on March 4, March 18, and July 19.