Categories: News

Breach at Indian exchange BuyUCoin allegedly exposes 325K users’ personal data

BuyUCoin initially denied the reports of a data breach, but added that all user funds are safe.

Users of Indian crypto exchange BuyUCoin have reportedly been affected by a breach compromising personal data of more than 325,000 people.

According to a report from Indian news outlet Inc42, a hacking group by the name of ShinyHunters leaked a database containing the names, phone numbers, email addresses, tax identification numbers and bank account details of more than 325,000 BuyUCoin users. However, a later report from Bleeping Computer shows the leaked data may only contain information from 161,487 BuyUCoin members.

Cybersecurity researcher Rajshekhar Rajaharia posted screenshots of the leaked data — recorded until September 2020 — to Twitter last week, which included trading activity and BuyUCoin referral codes.

BuyUCoin initially claimed that “not even a single customer was affected” by the data breach and referred to the reports as “rumors,” but has since released a statement saying it was “thoroughly investigating each and every aspect of the report about malicious and unlawful cybercrime activities by foreign entities.” The exchange added that all user funds were “safe and sound within a secure environment” as it reported 95% were kept in cold storage.

Though no funds have reportedly been affected in the breach of the exchange, there are still potential risks to BuyUCoin users. Like the exchange’s customers, Ledger users had their personal data compromised in a June and July 2020 data breach affecting 272,853 people who ordered hardware wallets. Some users have since reported receiving threatening emails with demands for a crypto ransom to be paid within 24 hours or they will face “horrifying” consequences.

While real world attacks to steal crypto are much rarer than hacks or scams, they do occur. Whether concerned for their data or their physical well being, some BuyUCoin users expressed their frustration with the reports of the breach.

“What if someone used my account in any illegal activity?” said Rajaharia — also a BuyUCoin user — in a follow-up tweet, calling the exchange’s initial response “irresponsible.”

Cointelegraph reached out to BuyUCoin CEO Shivam Thakral for comment, but did not receive a response at the time of publication.

[…]
Learn more

crypto

Leave a Comment

Recent Posts

Mt. Gox Bitcoin Movements: Market Impact and Ex-Client Risks

The defunct cryptocurrency exchange Mt. Gox is making waves again, this time with huge Bitcoin…

4 months ago

Taproot Assets: Revolutionizing Bitcoin’s Lightning Network

Lightning Labs, a leading developer in Bitcoin's Lightning Network ecosystem, has launched a groundbreaking protocol…

4 months ago

Whale With Ethereum Foundation Link Transfers 92,500 ETH Worth $288M 

According to onchain data, a significant whale holding over 92,500 ether moved the funds to…

4 months ago

Discover the Skinny Bob MemeCoin: NFTs, Multi-Chain, and Cosmic Humor

🛸Inspired by the internet's favorite extraterrestrial, Skinny Bob MemeCoin is revolutionizing the cryptosphere across multiple…

4 months ago

Uncovering the Risks of NFTs for Creators and Buyers

NFTs, or non-fungible tokens, are transforming various industries, including art, music, sports, and real estate.…

4 months ago

Proton Technologies AG Unveils Open Source Bitcoin Wallet

Proton Technologies AG, the Swiss company renowned for its encrypted email and VPN services, has…

4 months ago