Transak, a fiat-to-crypto payment gateway, has confirmed a data breach affecting over 57,000 users, attributed to a phishing attack on an employee's laptop. The notorious Stormous ransomware group claimed responsibility for the breach, raising concerns over the security of the crypto industry's KYC measures.
The breach allowed attackers to access a third-party KYC provider's system, compromising personal identifiable information (PII) such as names and addresses. However, sensitive data like social security numbers and credit card details were not at risk. Transak reassured users that their assets remained secure due to its non-custodial model.
The Stormous group claimed to have exfiltrated 300GB of data, including IDs and financial statements, threatening to leak more unless a ransom is paid. Transak's CEO, Sami Start, expressed skepticism about the group's claims, noting that some KYC images had surfaced online, but the full extent of the leak is still unclear.
Despite no current evidence of data misuse, Transak advised affected users to remain vigilant. The company is collaborating with law enforcement and cybersecurity experts to investigate the breach and prevent future incidents. The employee responsible for the compromised laptop has been terminated.