Iranian Cryptocurrency Exchange Bit24.cash Exposes KYC Data of 230,000 Users

January 8, 2024.

Bit24.cash, an Iranian over-the-counter crypto exchange, has inadvertently exposed sensitive KYC data of nearly 230,000 users due to a misconfigured MinIO instance. The misconfiguration granted access to S3 buckets containing KYC information, including written consent, passports, IDs, and credit cards. Cybernews researchers emphasize the severe threat posed by compromised KYC data, as threat actors could exploit it for identity theft, fraudulent transactions, and phishing attacks. Bit24.cash denies the data breach claims, stating that their MinIO setup and cloud storage containers remain secure with no unauthorized access to sensitive user data. Users are encouraged to reach out to the platform’s support for reassurance.

Leave a Comment

Your email address will not be published. Required fields are marked *

Scroll to Top