Reportedly Exposes Data Belonging to 230K Users

Iranian crypto exchange has reportedly exposed sensitive data belonging to 230,000 users.

Guy in a black hoodie contemplating infront of a big swirling portal in space.
Created by Gabor Kovacs from DailyCoin
  • has reportedly exposed the data of some of its users.
  • The allegation stems from a report by Cybernews researchers.
  • The exchange dismissed the allegation as “wholly untrue.”

According to a Monday report by researchers, Iranian cryptocurrency exchange has “apparently inadvertently” exposed sensitive data belonging to thousands of users.

Founded in 2019, operates as an over-the-counter (OTC) crypto exchange supporting over 300 coins and tokens. Last year, and other Iranian crypto exchanges facilitated transactions totaling nearly $3 billion. Accused of Exposing User Data

According to a report dated January 8, Cybernews researchers have discovered a misconfigured MinIO (a high-performance object storage system) instance, “inadvertently granting access to the cloud storage containers” containing’s KYC data.


Typically, runs a stringent Know-Your-Customer (KYC) process that requires users to confirm their identities by uploading various official documents, including passports, IDs, and credit cards.

Per the report, the misconfiguration has compromised the KYC data of nearly 230,000 Iranian citizens and their written consent to regulations.

“With access to such comprehensive personal and financial data, malicious actors could impersonate individuals, gain unauthorized access to accounts, execute fraudulent transactions, and potentially cause substantial financial and personal harm to the affected users,” the researchers wrote.

In response to the allegation, the team wrote to Cybernews researchers, dismissing their claims as “inaccurate and misleading.” Assures Users of Data Security

The report clarified that “investigated Cybernews’ claims” and found no evidence of a data breach or unauthorized access of sensitive user data.


Specifically, the exchange labeled the reference to a misconfigured MinIO instance granting access to its cloud storage containers as “wholly untrue,” stating that it didn’t align with its system architecture or security protocols.

While reiterated that its “cloud storage containers remain secure,” the exchange urged concerned users to contact its support team.

Read about Upbit’s recent win in Singapore:
Upbit Secures Singapore’s Major Payment Institution License

Stay updated on Bitget’s plans for 2024:
Here’s How Bitget Plans to Build on Its 2023 Milestones

This article is for information purposes only and should not be considered trading or investment advice. Nothing herein shall be construed as financial, legal, or tax advice. Trading forex, cryptocurrencies, and CFDs pose a considerable risk of loss.

Brian Danga

Brian Danga, a Kenyan crypto reporter, is dedicated to delivering breaking news and updates from the cryptocurrency world. With a background as a Web3 writer and project manager, he recognizes the importance of unbiased reporting. Holding an LLB degree from the University of Nairobi, Brian's analytical skills contribute to his accurate news reporting. His personal interests include cooking, watching documentaries, reading, and engaging in intellectual discussions.