Transak, a crypto on-ramp firm, has revealed that it experienced a recent data breach affecting more than 92,000 users. In a blog post on October 21, the company stated that a malicious individual gained access to an employee’s laptop through a phishing attack. This allowed the attacker to obtain “specific user information stored within the vendor’s dashboard.” The employee’s credentials were compromised, enabling them to log in to a third-party Know Your Customer vendor’s system used for document scanning and verification services. As a result, sensitive data including names, dates of birth, passports, driver’s licenses, and selfies of 92,554 users (1.14% of Transak’s user base) was compromised.
Transak is a fiat-to-crypto gateway that enables users to buy and sell digital assets using traditional fiat money. It integrates directly with crypto wallets and decentralized applications (DApps) for seamless transactions. The company provides non-custodial on-ramps for major crypto wallets and exchanges such as Binance, MetaMask, and Coinbase. Transak reassured its users that no financial information was breached during the attack.
Affected users are being contacted by Transak, and the company emphasized that if users do not receive an email, they have not been affected. Transak has also notified data protection authorities in the United Kingdom and regulators across the European Union and the United States.
This data breach follows a similar incident that affected customers of Fidelity Investments. Fidelity, a financial firm that issues crypto exchange-traded products (ETPs), recently disclosed a data breach compromising the personal information of over 77,000 customers between August 17 and August 19. This marks Fidelity’s fourth data breach in the last 12 months, with previous incidents occurring on March 4, March 18, and July 19.
In other news, here are 10 crypto theories that missed their mark as badly as the claim that “Peter Todd is Satoshi.”