Transak, a leading crypto payment services provider, has been affected by a significant data breach that affected over 92,000 users. The incident, which came to light on October 21, 2024, stemmed from a sophisticated phishing attack that compromised an employee’s laptop.
The breach exposed the sensitive personal information of 92,554 users, representing approximately 1.14% of Transak’s total user base. Compromised data includes names, dates of birth, passport details, driver’s license information, and selfies used for Know Your Customer (KYC) verification.
Transak CEO Sami Start emphasized that no financially sensitive information was accessed during the breach. “No bank statements, social security numbers, or credit card details were accessed, and even emails or passwords were not involved, which significantly reduces the severity of the incident,” Start stated in an interview.
The company, which provides non-custodial fiat-to-crypto gateways for major platforms like Binance, MetaMask, and Coinbase, has taken swift action to address the situation.
Transak has engaged leading cybersecurity firms and forensic experts to conduct a thorough investigation and has begun notifying affected users.
Join ANY.RUN's FREE webinar on How to Improve Threat Investigations on Oct 23 - Register Here
Transak has implemented enhanced security protocols in response to the breach and is collaborating closely with its third-party KYC vendor to identify and rectify the vulnerabilities exploited during the attack.
According to company officials, the employee associated with the security incident has been terminated.
A ransomware group, Stormous, has claimed responsibility for the breach, asserting that it has obtained over 300 gigabytes of user data.
The group has threatened to leak or sell the remaining data if its demands are not met. However, Transak has stated that it is not considering negotiations with the ransomware group.
The incident has raised concerns about the security practices of crypto firms and their third-party vendors. It highlights the industry’s ongoing challenges in protecting user data against sophisticated cyber threats, particularly phishing attacks targeting employees.
Transak has assured users that their funds remain secure as the company operates on a non-custodial model. The firm has also notified relevant UK, EU, and US data protection authorities about the breach.
This security incident follows similar breaches in the crypto and finance sectors, including a recent attack on Fidelity Investments that exposed the personal data of over 77,000 customers.
As the investigation continues, Transak has committed to improving its security measures, including enhanced employee training, software upgrades, and system improvements to prevent future phishing and social engineering attacks.
The crypto community is closely watching how Transak handles this breach, as it could affect user trust and potentially lead to stricter regulations in the cryptocurrency sector.
Free Webinar on How to Protect Small Businesses Against Advanced Cyberthreats -> Watch Here