Posted 2 years ago | by Ben Armstrong
Leak May Have Exposed 8,000 Digitex Users to KYC Info Theft
The cryptocurrency derivatives exchange Digitex may have recently leaked stolen Know-Your-Customer (KYC) info on Telegram.
The data was posted by an ex-employee. According to reports, the data was stolen, then published to the general public. The data drop included passports, driving license scans and other sensitive documentation that was supplied by more than 8,000 Digitex users.
Digitex stated that is seeking legal counsel and currently cannot disclose specifics about the incident:
“Digitex Futures is aware of a leak of confidential data. We are not able to comment fully on the incident at this time and are currently seeking legal counsel. However, we can confirm that this was not an external hack but an internal security breach orchestrated by an ex-employee with a conflict of interest against the company. We will be releasing more information on the incident as soon as possible.”
According to a source who is close to the matter, said that the data“has not been breached” and:
“Only three ids have been leaked although the perpetrator confirms that he has them all and is starting to post demands so as not to leak the rest.”
Did Digitex Lose Customer Data?
While on Telegram, the “Digileaker” claimed to have “the entire KYC documentation of every single user who has used the Digitex Treasury from its inception date until today.”
Digitex stated in a Feb. 10 blog post that the breach was an “internal issue” that had been perpetrated by a “scheming and highly manipulative ex-employee” as well as they also assure customers that “beyond their email addresses, no other sensitive information was gathered or released.”
There is no way to know for sure what is actually going on, and this situation remains fluid. If these documents were actually leaked, the resulting situation could be terrible for Digitex. There is no good reason to do this, and if the leaker is caught, they may face criminal charges.
Data Safety is a Big Deal
Okex and Bitfinex were reportedly attacked by a simultaneously distributed denial of service (DDoS) on Feb. 27. Bitfinex had toquickly execute countermeasures and patch for similar attacks
On Feb. 28, Tim Draper of Singaporean crypto exchange Coinhako announced that all customers were affected by a “sophisticated attack” that began targeting the exchange seven days prior. The exchange did suspend send functionality and has restored for Bitcoin (BTC), Bitcoin Cash (BCH), Ethereum (ETH), Tether (USDT), TrueUSD (TUSD) and USD Coin (USDC).
As the crypto markets draw more investment capital, companies in the sector will need to step-up their security measures. Cryptos will likely continue to draw the attention of bad actors, and companies need to be ready.