Bit24.cash Reportedly Exposes Data Belonging to 230K Users

Iranian crypto exchange Bit24.cash has reportedly exposed sensitive data belonging to 230,000 users.

Guy in a black hoodie contemplating infront of a big swirling portal in space.
Created by Gabor Kovacs from DailyCoin
  • Bit24.cash has reportedly exposed the data of some of its users.
  • The allegation stems from a report by Cybernews researchers.
  • The exchange dismissed the allegation as โ€œwholly untrue.โ€

According to a Monday report by researchers, Iranian cryptocurrency exchange Bit24.cash has โ€œapparently inadvertentlyโ€ exposed sensitive data belonging to thousands of users.

Founded in 2019, Bit24.cash operates as an over-the-counter (OTC) crypto exchange supporting over 300 coins and tokens. Last year, Bit24.cash and other Iranian crypto exchanges facilitated transactions totaling nearly $3 billion.

Bit24.cash Accused of Exposing User Data

According to a report dated January 8, Cybernews researchers have discovered a misconfigured MinIO (a high-performance object storage system) instance, โ€œinadvertently granting access to the cloud storage containersโ€ containing Bit24.cashโ€™s KYC data.

Sponsored

Typically, Bit24.cash runs a stringent Know-Your-Customer (KYC) process that requires users to confirm their identities by uploading various official documents, including passports, IDs, and credit cards.

Per the report, the misconfiguration has compromised the KYC data of nearly 230,000 Iranian citizens and their written consent to regulations.

โ€œWith access to such comprehensive personal and financial data, malicious actors could impersonate individuals, gain unauthorized access to accounts, execute fraudulent transactions, and potentially cause substantial financial and personal harm to the affected users,โ€ the researchers wrote.

In response to the allegation, the Bit24.cash team wrote to Cybernews researchers, dismissing their claims as โ€œinaccurate and misleading.โ€

Bit24.cash Assures Users of Data Security

The report clarified that Bit24.cash โ€œinvestigated Cybernewsโ€™ claimsโ€ and found no evidence of a data breach or unauthorized access of sensitive user data.

Specifically, the exchange labeled the reference to a misconfigured MinIO instance granting access to its cloud storage containers as โ€œwholly untrue,โ€ stating that it didnโ€™t align with its system architecture or security protocols.

While Bit24.cash reiterated that its โ€œcloud storage containers remain secure,โ€ the exchange urged concerned users to contact its support team.

Read about Upbitโ€™s recent win in Singapore:
Upbit Secures Singaporeโ€™s Major Payment Institution License

Stay updated on Bitgetโ€™s plans for 2024:
Hereโ€™s How Bitget Plans to Build on Its 2023 Milestones

This article is for information purposes only and should not be considered trading or investment advice. Nothing herein shall be construed as financial, legal, or tax advice. Trading forex, cryptocurrencies, and CFDs pose a considerable risk of loss.

Author
Brian Danga

Brian Danga is a crypto reporter at DailyCoin covering breaking news. Brian has minor holdings in Bitcoin and Ethereum.

Read more