This year, encryption-related scams and hacking has surged, with the latest being a data breach on the crypto-ramp platform Transak. Transak confirmed in an official statement on October 21 that the personal information of 92,554 users were damaged during the attack. According to its website, the platform helps convert fiat currency into cryptocurrencies, operating in 162 countries.
In a blog post, Transak revealed that the violation of the user’s name, date of birth, identification documents and selfies is the information collected by the platform knows your customer (KYC) process. After an internal investigation, Transak found that the unauthorized actor violated his employees’ laptops in order to facilitate this phishing attack.
“Using damaged credentials, an attacker was able to log into the system of our third-party KYC vendors for document scanning and verification services. As a result, an attacker could access specific user information stored in the vendor’s dashboard.” Posted blog post Explain.
Transak assured users that there was no stolen or exposed financial information in the incident. As a non-monitoring platform, it allows users to always maintain full control of Fiat and crypto assets to ensure funds are secure from potential cybercrime threats.
To mitigate the risk of violations, Transak worked with cybersecurity companies and forensic experts to conduct a thorough investigation. So far, the platform has not disclosed any information about the identity of the attacker.
“Their expertise allows us to quickly assess situations, identify violation points and immediately stop any unauthorized access,” the blog noted.
Transak is currently in contact with affected users and has implemented an advanced software system to detect potential violations in early stages.
It is not clear whether Transak’s violations have affected visa-related users, and the visa has not commented on the situation.
