Transak, a popular crypto on-ramp platform, has confirmed a significant data breach affecting 92,554 users. On October 21, the platform revealed that personal information, including names, birth dates, identification documents, and selfies, was exposed during the attack. The breach did not involve financial information, ensuring users’ crypto assets remained secure.

Breach Originates from Employee’s Laptop

The breach was facilitated through an unauthorised attack on one of Transak’s employees’ laptops. Using compromised credentials, the hacker gained access to a third-party KYC vendor’s system, where sensitive user data was stored. Transak’s internal probe confirmed that the hacker accessed the vendor’s dashboard but reassured users that no financial details were affected.

Cybersecurity Measures in Place

In response to the breach, Transak has collaborated with cybersecurity firms and forensic experts to thoroughly investigate the incident. The platform has swiftly implemented advanced software systems to detect any future threats and prevent unauthorised access. Affected users are being notified directly by the platform.

Impact on Visa-Linked Users Unclear

While Transak has confirmed the breach, it remains uncertain whether Visa-linked users were affected. Visa has not yet issued a statement regarding the incident. Transak operates in over 162 countries, facilitating fiat-to-crypto conversions, and continues to take measures to secure its systems.