Fiat-to-crypto payment gateway Transak was reportedly the victim of a hack on October 20 by ransomware collective Stormous, putting thousands of users’ data at risk.
Transak Falls Victim To Hack Allegedly By Stormous
“We have recently identified that an attacker gained unauthorized access to one of our employee’s laptop through a sophisticated phishing attack,” the crypto company’s statement read. “Using the compromised credentials, the attacker was able to log in to the system of a third-party KYC vendor that we use for document scanning and verification services. As a result, the attacker gained access to specific user information stored within the vendor’s dashboard.”
According to Transak, the attacker gained the names, dates of birth, ID documents, and user selfies of over 92,000 customers during the hack. However, no financially sensitive information was compromised—including credit cards, Social Security Numbers, email addresses, phone numbers, and passwords.
“Our financial systems’ security measures remain robust, and we continue to protect all critical data, ensuring the highest level of privacy and security for our users,” Transak stated.
Nonetheless, the non-custodial digital asset company disclosed hiring a cybersecurity firm and “top forensic experts” to investigate the crypto hacking incident.
Transak has promised to contact impacted users with resources to further protect themselves in light of the attack. However, the Miami-based payment gateway says there is “no indication” that any of the stolen data has been misused.
“We deeply empathize with how frustrating and disappointing this must be for the affected users,” Transak said. “Our top company priority is taking action to protect users and fix any vulnerabilities to ensure nothing like this ever happens again.”
Employee Of Payment Gateway Has “Exited,” CEO Says
Stormous ransomware group has claimed responsibility for the attack, going so far as to publish a number of stolen Transak user data live on its website.
According to CoinDesk, an unnamed ransomware group reportedly claimed they had obtained financial data in the hack, though Transak is seemingly unwilling to negotiate with the alleged attacker.
The hack could be particularly damaging as key players in the crypto industry, such as Coinbase, Binance.US, Trust Wallet, and others, use its services.
According to Start, the employee in question has since “exited” Transak.
The post Transak Discloses Ransomware Hack As Stormous Claims Responsibility appeared first on Cryptonews.
