Trust Wallet temporarily blocked Transak’s fiat-to-crypto payment service following a data breach at the Miami-based company.Â
Transak’s official statement claims that hackers obtained stolen credentials by “unauthorized access” to a laptop belonging to a third-party employee.
Via a clever phishing technique, hackers were able to access personal information, including names, belonging to over 92,554 users by targeting a Transak KYC vendor.Â
According to Transak’s blog post on October 21, less than 2% of its more than 5 million subscribers were affected.
The company announced intentions to contact all impacted users and claimed it had enlisted law authorities to assist with the probe.
Transak’s fiat-to-crypto or onramp payment corridor is used by several digital asset storage providers, including Trust Wallet, Metamask, Ledge, and Coinbase, to transfer value from fiat currencies like US dollars to Bitcoin or Ethereum.
Numerous cryptocurrency wallet providers can suspend assistance until the issue is resolved. However, the company emphasized that there has been no indication of malicious activity with the stolen KYC materials. Transak blog post:
Currently, there is no indication that the data has been misused. However, we advise affected users to remain vigilant and monitor for suspicious activity. We will be reaching out to affected users with advice and resources on protecting themselves from potential misuse of the information and offering resources such as identity monitoring services.”
Stormous, a ransomware syndicate, took credit for the attack as the startup investigated it. It appears that Stormous posted unlawfully obtained personally identifying information on its website and stole over 300 gigabytes of customer data.
In July, the ransomware group also claimed responsibility for breaking into the web3 identity protocol Fractal ID.
