Miami-based cryptocurrency payment processor Transak had data from over 92,000 individuals, or nearly 1% of its user base, compromised following a successful phishing attack against an employee laptop, according to The Record, a news site by cybersecurity firm Recorded Future.
Infiltration of the laptop enabled attacker access to Transak's third-party know-your-customer vendor, facilitating the exposure of clients' names, birthdates, driver's license data, passports, and selfies, but not their financially sensitive details, said Transak in a statement on Sunday, which noted an ongoing investigation into the incident. Transak's disclosure was followed by an admission from the Stormous ransomware operation, which noted the theft of 300 GB of data from the crypto platform's systems, which would be leaked should the firm refuse to provide the demanded ransom. Such a development comes after decentralized finance platform Radiant Capital reported having more than $50 million worth of cryptocurrency stolen from a heist last week.
