Transak Phishing Attack Exposes Customer Confidential Information

Key Points:

• Transak experienced a data breach affecting over 92,000 users due to a phishing attack.
• The Transak phishing attack impacted a third-party KYC vendor, but the company has not seen the stolen data used in criminal activities.

Popular fiat-to-crypto service provider Transak has announced a major data breach affecting 92,554 users.

Read more: Uniswap Fiat Services Now Boosted With Transak Support 

Transak Phishing Attack Leaked Sensitive User Information

In an update on Oct. 21, the company said the breach occurred because one of the employees’ personal laptops was targeted by a phishing attack, exposing sensitive user information.

The leak of employee credentials due to the Transak phishing attack allowed unauthorized access to a third-party KYC vendor used by Transak. The data breach contains names, dates of birth, passports, driver’s licenses, and selfies of users who have been affected-together making up roughly 1.14% of Transak’s entire user base.

Currently, the services offered by Transak run to different leading digital asset storage platforms which include Trust Wallet, Metamask, Ledger, and Coinbase among others. These services could be facilitating the exchange of traditional currencies into cryptocurrencies such as Bitcoin and Ethereum.

The breach has made the companies consider temporarily holding off on the integration with Transak until this gets resolved. However, the company reiterated that so far, no connection has been traced between the stolen KYC data and any sort of criminal activity.

Transak Strengthens Security Amid Growing Cyber Threats

Following the breach, Transak has contacted relevant regulators throughout the U.K., European Union and the United States-including the U.K.’s ICO. The company invites affected customers to get in touch with any questions and/or concerns. In the future, Transak says it will increase further the levels of security it deploys alongside the quality of training given to staff.

The Transak phishing attack is the latest in a string of cybersecurity incidents targeting companies operating in the cryptocurrency ecosystem. Just recently, the decentralized finance platform Radiant Capital announced that a hack robbed it of more than $50 million. Recently, Fidelity Investments also disclosed the breach of personal data of over 77,000 customers.