Transak Discloses Ransomware Hack As Stormous Claims Responsibility

Last updated:

Author

Julia Smith

Author

Julia Smith

About Author

Julia is an experienced editor with a passion for covering a wide variety of beats. She loves all things politics and regularly covers regulatory updates on emerging technology here for Crypto News.

Last updated:

Why Trust Cryptonews

With over a decade of crypto coverage, Cryptonews delivers authoritative insights you can rely on. Our veteran team of journalists and analysts combines in-depth market knowledge with hands-on testing of blockchain technologies. We maintain strict editorial standards, ensuring factual accuracy and impartial reporting on both established cryptocurrencies and emerging projects. Our longstanding presence in the industry and commitment to quality journalism make Cryptonews a trusted source in the dynamic world of digital assets. Read more about Cryptonews

Fiat-to-crypto payment gateway Transak was reportedly the victim of a hack on October 20 by ransomware collective Stormous, putting thousands of users’ data at risk.

Transak Falls Victim To Hack Allegedly By Stormous

“We have recently identified that an attacker gained unauthorized access to one of our employee’s laptop through a sophisticated phishing attack,” the crypto company’s statement read. “Using the compromised credentials, the attacker was able to log in to the system of a third-party KYC vendor that we use for document scanning and verification services. As a result, the attacker gained access to specific user information stored within the vendor’s dashboard.”

According to Transak, the attacker gained the names, dates of birth, ID documents, and user selfies of over 92,000 customers during the hack. However, no financially sensitive information was compromised—including credit cards, Social Security Numbers, email addresses, phone numbers, and passwords.

“Our financial systems’ security measures remain robust, and we continue to protect all critical data, ensuring the highest level of privacy and security for our users,” Transak stated.

Nonetheless, the non-custodial digital asset company disclosed hiring a cybersecurity firm and “top forensic experts” to investigate the crypto hacking incident.

Transak has promised to contact impacted users with resources to further protect themselves in light of the attack. However, the Miami-based payment gateway says there is “no indication” that any of the stolen data has been misused.

“We deeply empathize with how frustrating and disappointing this must be for the affected users,” Transak said. “Our top company priority is taking action to protect users and fix any vulnerabilities to ensure nothing like this ever happens again.”

Employee Of Payment Gateway Has “Exited,” CEO Says

Stormous ransomware group has claimed responsibility for the attack, going so far as to publish a number of stolen Transak user data live on its website.

According to CoinDesk, an unnamed ransomware group reportedly claimed they had obtained financial data in the hack, though Transak is seemingly unwilling to negotiate with the alleged attacker.

The hack could be particularly damaging as key players in the crypto industry, such as Coinbase, Binance.US, Trust Wallet, and others, use its services.

According to Start, the employee in question has since “exited” Transak.

You May Also Like