BuyUcoin, an Indian cryptocurrency exchange is apparently hacked leading to a breach of nearly 325K users’ data on the dark web. The reported breach has actually leaked delicate individual details of clients that consist of emails, mobile numbers, encrypted passwords, user wallet details, order details, bank details, KYC information (PAN number, passport numbers), and deposit history.
In yet another data breach, sensitive data of nearly 3.25 lakh users of India-based international #cryptocurrency exchange and wallet, BuyUcoin, has been exposed on the #DarkWeb. pic.twitter.com/ycgIpCv6mh
—– IANS Tweets (@ians_india) January 21, 2021
An independent cyber researcher exposed that the hackers got their hands on a 6GB file on the MongoDB database that included three backup files from BuyUcoin. The independent scientist called it a vital breach and said,
This is a severe hack as key monetary, banking and KYC information have actually been leaked on the Dark Web,
Hacking Group Behind Exchange Hack a Known Offender
Kela Research and Strategy Ltd another cybersecurity firm tracked the stolen information to an online forum that also consisted of stolen details from Wongnai Media Co Ltd, Tuned Global Pvt Ltd, BuyUcoin, Wappalyzer, Teespring Inc and Bonobos.com. The researcher believes the hacker group behind the breach is the infamous ShinyHunters group who in the past have been found leaking taken data throughout the summertime.
The research platform stated,
“Over this past summertime, ShinyHunters was seen publishing leaked data totally free, exposing countless personal records from all over the world. We have seen partners of Shiny Hunters selling and leaking other dumps in the recent months.”
The hacker group in question was previously connected to the leak of 1.9 million individual records associated with is totally free online Photograph platform Pixlr. The crypto exchange is yet to make any official discuss the breach.
BuyUcoin was not the first exchange to see a breach of information as many centralized exchanges have comparable breaches in the past, most especially the Binance KYC data breach. However, most of the times, the hackers behind the breach request for a ransom to not leak the taken information which is not the case in BuyUcoin. The breach likewise raises questions over how these centralized exchanges manage the delicate individual information of the users.
The post Indian Crypto Exchange BuyUcoin Hacked, Personal Info of 325k Users Breached appeared initially on Coingape.