Transak Phishing Attack Affected 92,554 Users

October 22, 2024
A representational image of security policies
A representational image of security policies

Transak, the blockchain and Web3 payments platform, has revealed a security breach that affected 1.14% of its users, or approximately 92,554 individuals. 

The company assured that no financial information was compromised and that it has taken swift actions to secure systems and prevent future incidents. But why did it happen in the first place?

Transak Phishing Attack: What Happened?

The breach occurred after an attacker gained unauthorized access to an employee’s laptop through a phishing scheme. This granted the attacker access to a third-party vendor’s system that Transak uses for Know Your Customer (KYC) document verification. The compromised vendor’s dashboard contained sensitive user information.

The attacker was then able to view personal details such as names, dates of birth, and ID documents like passports and drivers’ licenses — even user selfies. Transak confirmed that no passwords, email addresses, phone numbers, Social Security numbers, or payment data were compromised.

Transak’s Response to the Breach

Transak immediately initiated action to contain the issue. The company engaged a leading cybersecurity firm, along with top forensic experts, to investigate the incident, identify vulnerabilities, and secure its systems. All unauthorized access has reportedly been halted as of this writing, and the breach points have been addressed.

Transak already reached out to the affected users and partners and is working with data protection authorities such as the Information Commissioner’s Office (ICO) in the UK and other regulators in the EU and U.S.. The company is also reportedly implementing new safeguards to prevent future phishing and social engineering attacks on its employees, including improved security training and software upgrades.

Though there is currently no evidence that the accessed data has been misused, Transak advises affected users to monitor their personal information and remain vigilant for any suspicious activity. The company said it will offer identity monitoring services and additional resources to help users protect themselves from potential risks.

Crypto hacking has become a major cause of concern in recent years. A Chainalysis report highlighted that cryptocurrency hacking has emerged as a significant and widespread threat, resulting in billions of dollars stolen. According to its Crypto Crime Report, 2022 marked a record high for crypto theft, with $3.7 billion in losses. In 2023, however, the amount stolen dropped by approximately 54.3% to $1.7 billion. Despite this decrease in total value, the number of hacking incidents increased, rising from 219 in 2022 to 231 in 2023.

Read More

Gairika holds positions in BTC. This article is provided for informational purposes only and should not be construed as financial advice. The Shib Magazine and The Shib Daily are the official media and publications of the Shiba Inu cryptocurrency project. Readers are encouraged to conduct their own research and consult with a qualified financial adviser before making any investment decisions.

Leave a Reply

Your email address will not be published.