Transak Hit by Phishing Attack, Personal Data of 92K Users Exposed

Transak, a crypto on-ramp provider, disclosed a data breach that exposed the personal information of over 92,000 users, about 1.14% of its user base.

The breach resulted from a phishing attack on an employee’s laptop, allowing an attacker to access credentials and infiltrate a third-party Know Your Customer (KYC) system.

TRANSAK DATA BREACH LINKED TO EMPLOYEE'S LAPTOP USE; RANSOMWARE DEMANDS LOOM

– Transak, a crypto "onramp" for platforms like Binance and Metamask, reported a breach exposing names and basic identity info of 93K users.

– The breach was traced to an employee using their laptop… pic.twitter.com/wmvM2PaeWv

— BSCN (@BSCNews) October 21, 2024

Compromised data includes names, birth dates, passports, driver’s licenses, and selfies.

However, Transak assured users that no financial information such as emails, passwords, or payment details was affected.

Impacted users will be contacted directly, while others unaffected by the breach won’t receive notifications.

An official statement from Transak: https://t.co/fIYNcsg6LU pic.twitter.com/oBU2adLDI4

— Transak (@Transak) October 21, 2024

Authorities in the UK, EU, and the US have been informed.

This breach mirrors similar incidents, including one at Fidelity Investments, which recently faced its fourth data breach in a year.

Despite these concerns, Transak continues to provide fiat-to-crypto services for platforms like Binance, MetaMask, and Coinbase.

About The Author