Trust Wallet Vendor, Transak, Reports Ransomware Attack
Transak Breach Compromises Sensitive User Information, Stromous Ransomware Group Claims Responsibility and Threatens Further Leaks
Transak, a cryptocurrency on-ramp provider used by major crypto platforms such as Trust Wallet and Metamask, recently disclosed in a blog post that it suffered a significant security breach that has affected approximately 92,554 users, equating to 1.14% of its total user base.
This Transak breach joins the growing list of cryptocurrency platforms to have suffered from breaches within the last few months.
Following the breach, the attacker was able to exploit the compromised credentials of the employee. As a result, they gained entry into the vendor’s system, accessing sensitive user information, including names, dates of birth, ID documents such as passports and driver’s licenses, and user selfies.
Fortunately, Transak reassured its users that its non-custodial model ensures that user assets remain secure adding that no financially sensitive information, such as credit card details, social security numbers, or passwords, was compromised.
Transak Response and Investigation
Transak acted swiftly to stem the damage, enlisting a cybersecurity firm and forensic experts to conduct a thorough investigation into the attack and assess its impact.
Subsequently, Transak assured users of plans to enhance its employee training programs and security measures to better protect against cyber threats. The company has also informed relevant data protection authorities, including the UK’s Information Commissioner’s Office (ICO), and is working to ensure compliance with regulatory standards.
A ransomware group called Stomous has claimed responsibility for the attack, alleging on its Telegram channel that it has access to over 300GB of data, including personal information such as IDs and financial statements.
The group has threatened to leak more data unless Transak complies with their ransom demands. The group released some screenshots from the KYC vendor adding that they would “leak the remaining data or sell it to the highest bidder” if Transak fails to pay a ransom.
Despite these threats, Transak has not engaged in negotiations with the attackers with Transak’s CEO stating, “We don’t know if they actually did it or if they are just taking credit for it.”
