Nearly 230,000 Iranian crypto users have had their personal and financial data exposed after a security lapse at Bit24.cash, one of the country’s largest crypto exchanges. The breach could have serious implications for the users, who may face identity theft, fraud, and phishing attacks.
Bit24.cash left KYC data unprotected
Bit24.cash is an over-the-counter crypto exchange that supports over 300 coins and tokens. It requires its users to undergo a Know Your Customer (KYC) process, which involves uploading official documents such as passports, IDs, and credit cards to verify their identity and comply with anti-money laundering regulations.
However, according to a report by Cybernews, Bit24.cash failed to secure its KYC data properly, leaving it accessible to anyone who knew where to look. Cybernews researchers discovered a misconfigured MinIO instance, a high-performance object storage system, that granted access to S3 buckets, cloud storage containers, containing the platform’s KYC data.
The researchers found that the data breach affected approximately 230,000 Iranian citizens, exposing their written consent to the platform’s rules, as well as their passports, IDs, and credit cards. The researchers contacted the company to inform them of the issue, but did not receive a response before publishing their report. The instance has since been secured and is no longer accessible.
Bit24.cash users face potential threats
The data breach poses a severe threat to the affected users, who could be targeted by malicious actors for various purposes. With access to such comprehensive personal and financial data, hackers could impersonate the users, gain unauthorized access to their accounts, execute fraudulent transactions, and potentially cause substantial harm to the users.
Moreover, the users could also face phishing attacks, where hackers send fake emails or messages pretending to be Bit24.cash or other legitimate entities, and try to trick the users into revealing their passwords, codes, or other sensitive information. Phishing attacks are common in the crypto space, as hackers exploit the users’ fear of losing their funds or missing out on opportunities.
Additionally, the users could also face legal consequences, as Iran has strict regulations on crypto activities. The country has banned the use of crypto for payments, and requires crypto exchanges to obtain licenses from the central bank. The users could also face sanctions from the US, which has prohibited doing business with Iran or Iranian entities.
Bit24.cash denies the data breach
Bit24.cash has denied the data breach, claiming that the report by Cybernews is false and misleading. In a statement posted on its website, the exchange said that it has not experienced any security incidents, and that its KYC data is stored securely on its own servers, not on any cloud service.
The exchange also said that it has contacted Cybernews to request a correction, and that it will take legal action against the publication if it does not comply. The exchange also urged its users to ignore the report and not to panic, assuring them that their data and funds are safe.
However, Cybernews has stood by its report, saying that it has evidence to prove the data breach, and that it has acted responsibly by informing the company and the public. The publication also said that it is ready to cooperate with any investigation, and that it hopes that Bit24.cash will take the necessary steps to protect its users.