Malta-based Trident Crypto Fund has suffered a major privacy breach recently, which led to the large-scale data leak.
More than a quarter of a million users might be compromised, due to the stolen passwords and other sensitive information. With such data in hand, cybercriminals can easily log into any electronic account to withdraw money.
The CTO and founder of cybersecurity firm DeviceLock, Ashot Oganesyan told the Russian media portal, the database turned out to be in free access now, as it can be downloaded from the internet. The leaked data contain names and surnames, email addresses, mobile phone numbers, encrypted passwords, country of residence and IP addresses.
The stolen database was uploaded to file-sharing websites on February 20th. By March 3rd around 120K of the leaked passwords were already decrypted. The vast majority of the login names and passwords were unique and had never been found in leaks before, noted Oganesyan.
The head of the cybersecurity firm added, that hackers took advantage of vulnerabilities found on the company’s website. Due to the encryption algorithm being quite old, cybercriminals were able to decode the passwords relatively quickly.
Crypto-related data leaks are a growing threat
With the data becoming one of the most valuable assets of the current times, the number of malicious cyber-attacks is growing rapidly. The security breaches in the cryptocurrency industry are no exception.
Almost all of the biggest cryptocurrency exchanges have encountered a security breach even once. The latest victim being Poloniex, the US-based crypto exchange, which has been forced to reset customer passwords after a list of email addresses and passwords was leaked via social media last December.
Last August the world’s largest cryptocurrency exchange by trading volume, Binance also announced about massive privacy breach when over 10 000 of client photos were leaked to the public and media.
Meanwhile the Diginex, a Seychelles-based digital asset exchange, recently suffered an internal security breach, when the ex-employee leaked around 8 000 users’ email addresses.
The latter incident shows, that while companies try to secure themselves from the external attacks, the inner threats are also a topic.