Transak plarform hit by phishing attack and data breach exposing over 90,000 people
Learn More
Transak, a cryptocurrency on-ramp integrated with major blockchain platforms like MetaMask, Binance, and Trust Wallet, experienced a security breach affecting approximately 1.14% of its users, totaling around 92,554 individuals.
A cryptocurrency on-ramp is a service that allows users to convert traditional (fiat) currencies, like USD or EUR, into cryptocurrencies, facilitating entry into the crypto market.
The breach was caused by a phishing attack that compromised an employee's laptop, allowing unauthorized access to a third-party Know Your Customer (KYC) vendor responsible for document verification services.
After discovering the breach, Transak secured its systems and engaged a cybersecurity firm alongside forensic experts to conduct a thorough investigation. Additionally, Transak has notified relevant data protection authorities, including the UK's Information Commissioner's Office (ICO), to ensure compliance with regulatory requirements.
The following user data was accessed:
- Names
- Dates of birth
- ID documents (e.g., passports and driver's licenses)
- User selfies
The company is proactively contacting affected users via email to inform them of the incident. While there is currently no evidence of misuse of the accessed data, affected users are encouraged to remain vigilant and monitor for any suspicious activity.
Transak claims that no financially sensitive or critical information was compromised, and user funds remain secure, as the platform operates on a non-custodial basis, ensuring users retain full control over their assets.
