Brett (brett) 
Trust Wallet has temporarily suspended Transakβs fiat-to-crypto payment service following a significant data breach.
Data Breach Details
According to an official statement from Transak, hackers gained access to compromised credentials through unauthorized access to a third-party employeeβs laptop. This sophisticated phishing attack targeted a Transak KYC vendor, allowing criminals to obtain personal data, including names, affecting over 92,554 users.
Trust Wallet responded by temporarily removing Transakβs onramp service to protect users. Despite the breach, Trust Wallet assured users that their funds remain safe, as no sensitive wallet information was exposed to any onramp providers.
Due to the recent security incident with Transak, we’ve taken precaution and temporarily removed their onramp service from Trust Wallet for your protection. Rest assured, users’ funds remain safe as no sensitive wallet information is exposed to any of our onramp providers.
Impact and Response
Transak, which serves more than 5 million users, reported that less than 2% of its user base was impacted. The firm has engaged law enforcement to assist in the investigation and plans to contact all affected users.
Crypto Wallet Providers’ Reaction
Several digital asset storage providers such as Trust Wallet, Metamask, Ledger, and Coinbase use Transakβs fiat-to-crypto payment service to facilitate transactions from traditional currencies like U.S. dollars to cryptocurrencies like Bitcoin and Ethereum.
In light of the breach, more crypto wallet companies may pause support until the situation is resolved. However, Transak emphasized that the stolen KYC materials have not yet been used for any nefarious activities. A leading cybersecurity firm confirmed that there is no current indication of data misuse.
Transak advised affected users to stay vigilant and monitor for any suspicious activity. The company will reach out to affected users with guidance and resources to protect themselves from potential misuse of the stolen information, including identity monitoring services.
Currently, there is no indication that the data has been misused. However, we advise affected users to remain vigilant and monitor for suspicious activity. We will be reaching out to affected users with advice and resources on protecting themselves from potential misuse of the information and offering resources such as identity monitoring services.
Ransomware Involvement
During the ongoing investigation, the ransomware syndicate Stormous claimed responsibility for the breach. The group allegedly stole over 300 gigabytes of user data and posted the illegally obtained personally identifiable information online. Stormous also claimed credit for hacking the web3 identity protocol Fractal ID in July.
For more updates and news on cryptocurrency, investing, and finance, visit Global Crypto News.
#DataScience #CryptoMarket #Web3Community
