Cybernews experts have discovered that the personal data of users from nine cryptocurrency exchanges has been exposed and made available online for over two months. More than 500,000 customers have been affected by this incident.
According to researchers, the leaked data is from the following platforms:
- sova [.] GG
- coinstart [.] CC
- pocket-exchange [.] Com
- onemoment [.] cc
- cripta [.] CC
- metka [.] cc
- alt-coin [.] CC
- fermma [.] CC
- in-to [.] cc
Although the affected exchanges are not large, the scale of the leak is significant. The compromised data includes sensitive information:
- Complete users’ names
- Credit card numbers
- Email addresses
- IP addresses
- Amounts for payment or withdrawal requests
- Various authentication data (e.g., user agent)
The total leak covers over 615,000 payment requests and more than 28,000 fund withdrawal requests.
Given that cryptocurrency exchanges are often used to facilitate illegal transactions, this leak could prove useful to law enforcement agencies and cybersecurity researchers worldwide.
Data samples:
The initial discovery of the leak occurred on October 10. The server containing the data was still active at the time. However, all the data has since been destroyed by a malicious script. The identity of the perpetrator behind the leak and subsequent data destruction remains unknown.
Researchers have determined that the data was stored using MongoDB, a database management system. However, the wrong configuration allowed unauthorized access from external entities, leading to the disclosure of the data.
Users of the affected platforms are strongly advised to remain vigilant. The leak exposes them to potential fraudulent activities, such as identity theft, phishing, social engineering attacks, and unauthorized transactions. It is essential to change passwords immediately, avoid reusing them, and enable multif