A crypto payment company called Transak has had a major security breach, affecting over 92,000 of its users. The culprit? A hacker who got into an employee’s laptop.
How Did It Happen?
The hacker used a “sophisticated phishing attack” to steal an employee’s login credentials. This gave them access to a third-party company that Transak uses to verify customer identities. The hacker then used this access to grab personal information from users, including:
- Names
- Birth dates
- Passports and driver’s licenses
- Selfie photos and videos
What’s Safe?
Transak says that while sensitive ID documents were exposed, they don’t believe financial information was compromised. This includes things like:
- Email addresses
- Phone numbers
- Passwords
- Credit card details
- Social Security Numbers
Transak also emphasizes that they are a “non-custodial platform,” meaning users’ money is never held by them. This means that even though there was a breach, users’ funds are safe.
The Impact
This breach affects about 1.14% of Transak’s customer base. It’s a reminder that even with strong security measures, companies can still be vulnerable to attacks.
What to Do?
If you’re a Transak user, you should be aware of the potential risks and keep an eye out for any suspicious activity. Transak is likely to contact affected users directly with more information.