Indian Crypto Exchange Buyucoin Hacked, Sensitive Data of 325K Users Reportedly Leaked

Indian Crypto Exchange Buyucoin Hacked, Sensitive Data of 325K Users Reportedly Leaked
фото показано с : news.bitcoin.com

2021-1-25 10:10

Indian cryptocurrency exchange Buyucoin has reportedly been hacked and sensitive data of about 325,000 users has reportedly been leaked onto the dark web. According to reports, the leaked data includes personal information, encrypted passwords, user wallet details, order details, bank details, PAN numbers, passport numbers, and deposit histories.

Indian Cryptocurrency Exchange Hacked

Buyucoin, a Delhi NCR-based cryptocurrency exchange, has reportedly been hacked. The exchange has more than 350K registered users and has facilitated over $500 million in cryptocurrency trades, according to its website. Several local news outlets reported that sensitive data of about 325K customers has been dumped onto the dark web. IANS publication detailed on Friday:

The data leaked include names, e-mails, mobile numbers, encrypted passwords, user wallet details, order details, bank details, KYC details (PAN number, passport numbers) and deposit history.

Independent cybersecurity researcher Rajshekhar Rajaharia explained to the publication that the 6GB file on MongoDB database contains three backup files with Buyucoin data. The researcher also found his own information that he used to create an account on the platform last year among the leaked data. “This is a serious hack as key financial, banking and KYC details have been leaked on the dark web,” Rajaharia was quoted as saying.

On Twitter, a number of users said that their information was leaked. Rajaharia tweeted: “Trading in cryptocurrency? 3.5 Lakh Users data including me leaked from Buyucoin. The leaked data contains name, email, mobile, bank account numbers, PAN number, wallets details etc. Again didn’t informed to affected users by company.”

Buyucoin is the latest victim of the infamous hacker group Shinyhunters, which has been leaking databases for free on well-known English-speaking forums, according to the Economic Times. The group also leaked data of e-grocer Big Basket, educational technology platform Unacademy and payment aggregator Juspay.

Israel-based darknet threat intelligence provider KELA confirmed the leak to the publication. The firm’s threat intelligence analyst Victoria Kivilevich explained that “These records are now circulating on the dark web and available for use by other cyber criminals.” She added that they can use the data for anything from “phishing scams to gaining admin privileges and access into corporate networks if corporate credentials have been leaked.”

Buyucoin Is Investigating the Breach

Since reports of the security breach emerged, Buyucoin has released two official statements on the matter. The first was written by its CEO, Shivam Thakral. He wrote: “In the mid of 2020, while conducting a routine testing exercise with dummy data, we faced a ‘low impact security incident’ in which non-sensitive, dummy data of only 200 entries were impacted. We would like to clarify that not even a single customer was affected during the incident.”

Rajaharia responded to the exchange’s official statement in a tweet: “Such an irresponsible statement by Buyucoin. I am your registered and KYC verified user. You leaked my own data too. Please change your statement asap. What if someone used my account in any illegal activity. Please inform your users right now.”

if (!window.GrowJs) { (function () { var s = document.createElement('script'); s.async = true; s.type = 'text/javascript'; s.src = 'https://bitcoinads.growadvertising.com/adserve/app'; var n = document.getElementsByTagName("script")[0]; n.parentNode.insertBefore(s, n); }()); } var GrowJs = GrowJs || {}; GrowJs.ads = GrowJs.ads || []; GrowJs.ads.push({ node: document.currentScript.parentElement, handler: function (node) { var banner = GrowJs.createBanner(node, 31, [300, 250], null, []); GrowJs.showBanner(banner.index); } });

The Buyucoin CEO’s message was subsequently replaced with a different one by the exchange. “Regarding the media report,” Buyucoin wrote:

We are thoroughly investigating each and every aspect of the report about malicious and unlawful cybercrime activities by foreign entities in mid-2020.

There have been no further updates from the exchange at press time.

What do you think about this Buyucoin hack? Let us know in the comments section below.

Similar to Notcoin - TapSwap on Solana Airdrops In 2024

origin »

Streamr DATAcoin (DATA) на Currencies.ru

$ 0.0519152 (+1.15%)
Объем 24H $2.292m
Изменеия 24h: -1.91 %, 7d: -5.84 %
Cегодня L: $0.0501309 - H: $0.0530159
Капитализация $53.52m Rank 574
Цена в час новости $ 0.0604713 (-14.15%)

reportedly data details leaked numbers indian users

reportedly data → Результатов: 83


218M ‘Words with Friends’ players’ data reportedly stolen in Zynga hack

Popular social game developer Zynga has reportedly become the latest victim of a massive data breach impacting some 218 million Words with Friends accounts. On September 12, the company disclosed that “certain player account information may have been illegally accessed by outside hackers,” but didn’t disclose any details about the scope of the breach and the number of players who may have had their information stolen.

2019-10-1 09:40


Dear Netflix: Please ditch the algorithm and focus on human-curated ‘Collections’

Netflix is reportedly testing an all-new recommendation system that harnesses the power of employed biological neural networks – that’s humans if you insist on dumbing it down. Dubbed ‘Collections,’ the new system works like every collection of anything did before about 10 years ago – people sort it out so you don’t have to.

2019-8-24 00:28


Apple will limit VoIP background data collection from WhatsApp, Snapchat et al in iOS 13

Apple is reportedly planning a new feature in iOS that will restrict apps from runing voice over Internet protocol (VoIP) processes in the background when the programs are not actively in use. The “small but significant change” — according to The Information — strikes at the heart of Facebook and other messaging apps, and could result in a fundamental rewiring of the applications on the platform.

2019-8-7 09:31


Фото:

India doesn’t want WhatsApp sharing your payment data with Facebook

Even as WhatsApp readies to launch its mobile payment service in India later this year, the government is concerned about its privacy and security ramifications. “Indian authorities are concerned that WhatsApp‘s payment service might share user data with group companies Facebook and Instagram, compromising the security, privacy and non-commercial information of its subscribers,” according to a report from the Economic Times.

2019-7-26 09:40


Kamala Harris’ Biden Beatdown Upends Democratic Primary Odds

According to data from gambling platform PredictIt, a surprising candidate has emerged as the betting favorite to win the 2020 Democratic primary: Kamala Harris. Kamala Harris Opens Surprise Lead in 2020 Betting Market Harris reportedly delivered a beatdown to former Vice President Joe Biden at the recent debates, which has many Democrats buzzing that she […] The post Kamala Harris’ Biden Beatdown Upends Democratic Primary Odds appeared first on CCN Markets

2019-7-2 21:20


Фото:

Here’s why India wants to build its own WhatsApp and Gmail

The Indian government is reportedly planning to build its own WhatsApp-like chat platform to facilitate secure communications for government agencies, according to news outlet Economic Times. The move is meant to reduce the country’s reliance on US technology companies, and ensure that all communication and data transmitted over the service will be stored locally in the country.

2019-6-27 14:22


Pharmaceutical Firm and Solve.Care Partner to Develop Blockchain Network for Helping Diabetics

Pharmaceutical firm Boehringer Ingelheim to work with Solve. care to develop distributed ledger technology (DLT)-enabled solution for diabetes patients. The DLT-powered software is reportedly being developed to improve data sharing, while also enhancing various other processes related to patient care for diabetes patients.

2019-6-7 17:32


Фото:

Romanian duo convicted in US for using cryptocurrency malware-mining to steal millions

Two Romanian residents have been convicted of infecting over 400,000 individual computers with malware in order to mine cryptocurrency and steal victims’ data to sell on the dark web. Bogdan Nicolescu, 36, and Radu Miclaus, 37, were convicted by a US jury following a 12-day trial of conspiracy to commit wire fraud, conspiracy to traffic in counterfeit service marks, aggravated identity theft, conspiracy to commit money laundering, and 12 counts each of wire fraud.

2019-4-12 15:31