Transak, a company that provides a platform for buying and selling digital assets with fiat money, has revealed that it experienced a data breach that affected more than 92,000 users. In a blog post on October 21, the company explained that a malicious actor gained access to an employee’s laptop through a phishing attack. This allowed the attacker to obtain specific user information stored within the vendor’s dashboard.
The attacker was able to compromise the employee’s credentials and access a third-party Know Your Customer vendor’s system, which is used for document scanning and verification services. As a result, sensitive data including names, dates of birth, passports, driver’s licenses, and user selfies were compromised for 92,554 users, accounting for approximately 1.14% of Transak’s user base.
Transak has emphasized that no financial information was breached during the attack. The company is currently in the process of contacting the affected users and has assured them that if they have not received an email notification, they have not been impacted. Additionally, Transak has notified data protection authorities in the United Kingdom, as well as regulators across the European Union and the United States.
This incident follows a similar data breach at Fidelity Investments, a financial firm that offers crypto exchange-traded products. Fidelity disclosed that over 77,000 customers had their personal information compromised between August 17 and August 19. This marks the fourth data breach for Fidelity in the past year, with previous incidents occurring on March 4, March 18, and July 19.
In other news, there have been several crypto theories that have missed the mark, including the claim that “Peter Todd is Satoshi.”