Transak Reports Data Breach Affecting 92,000 Users
Transak, a leading provider of fiat-to-crypto conversion services, has disclosed a major data breach that has compromised the information of over 92,000 customers.
Details of the Data Breach
On October 21, the company issued an official statement, explaining that the breach resulted from a targeted phishing attack on one of its employee’s laptops. This incident allowed unauthorized access to sensitive user information.
The investigation revealed that the attackers used the stolen employee credentials to access a third-party vendor that provides Know Your Customer (KYC) verification services.
Compromised User Information
As a consequence of the breach, the personal information of 92,554 users was compromised. The following details were exposed:
- Full names
- Dates of birth
- Passport and driver’s license information
- Selfies
This infiltration represents approximately 1.14% of Transak’s total user base. However, the company has clarified that none of the financial details were affected during this breach.
Safeguarding Financial Information
“No financially sensitive information, such as email addresses, phone numbers, passwords, credit card details, or Social Security Numbers, was affected.”
Company Overview
Transak specializes in non-custodial fiat-to-crypto gateways, allowing users to buy and sell digital assets through partnerships with leading crypto wallets and decentralized applications. Its notable partners include major exchanges such as Binance, MetaMask, and Coinbase.
Response and Communication
Transak has initiated communication with the affected users and reassured others that they will only be contacted if their information has been compromised. Additionally, the company has notified the relevant authorities in the UK, EU, and US regarding the breach.
Conclusion
This data breach incident underlines the persistent security vulnerabilities in the cryptocurrency sector. Phishing attacks targeting employees remain a significant risk as they can provide unauthorized entities with access to critical user information.
This rewritten content is optimized with appropriate headings, subheadings, and bullet points to enhance readability while maintaining the essence of the original information.