Trust Wallet has temporarily suspended Transak’s fiat-to-crypto payment service after the Miami-based firm experienced a data breach.
According to Transak’s official statement, hackers obtained compromised credentials through “unauthorized access” to a third-party employee’s laptop. A sophisticated phishing tactic used against a Transak KYC vendor allowed criminals to obtain personal data such as names of more than 92,554 users.
Due to the recent security incident @TransakFor your safety, we have taken precautions and temporarily removed onramp services from Trust Wallet. Rest assured, the user’s funds remain safe as sensitive wallet information is not disclosed to any of our onramp providers. Stay… https://t.co/xRB1ZB1Dtt
— Trust Wallet (@TrustWallet) 21 October 2024
More than 5 million people use Transak’s service, and less than 2% of its users are affected, according to the company’s Oct. 21 blog post. The firm said it had contacted law enforcement to assist with the investigation and announced plans to contact anyone affected. users.
Many digital asset storage providers, including Trust Wallet, Metamask, Ledge, and Coinbase, use Transak’s fiat-to-crypto or onramp payment corridor to transfer value from currencies such as the US dollar to Bitcoin (BTC) or Ethereum (ETH).
More crypto wallet companies may pause support until the situation is corrected. Still, the firm emphasized that the stolen KYC materials were not revealed as part of nefarious activities. A leading cyber security company
There is currently no indication that data has been misused. However, we advise affected users to remain vigilant and monitor for suspicious activity. We will reach out to affected users with advice and resources on protecting themselves from potential misuse of information and provide resources such as identity monitoring services.
Transak blog post
While the startup investigated the incident, ransomware syndicate Stormous claimed responsibility for the breach. Stormous apparently stole more than 300 gigabytes of user data and published illegally obtained personal information on its website. The ransomware gang also hacked the web3 identity protocol Fractal ID in July.
Bitcoin 
Ethereum 
Tether 
Solana 
BNB 
XRP 
Dogecoin 
USDC 
Lido Staked Ether 
Cardano 
TRON 
Avalanche 
Shiba Inu 
Wrapped stETH 
Wrapped Bitcoin 
Toncoin 
Sui 
Bitcoin Cash 
WETH 
Chainlink 
Pepe 
Polkadot 
Stellar 
LEO Token 
NEAR Protocol 
Litecoin 
Aptos 
Wrapped eETH 
Uniswap 
USDS 
Cronos 
Hedera 
Internet Computer 
Ethereum Classic 
Bonk 
Render 
Kaspa 
Bittensor 
Ethena USDe 
POL (ex-MATIC) 
WhiteBIT Coin 
MANTRA 
Dai 
Artificial Superintelligence Alliance 
dogwifhat 
Arbitrum 
Monero 
Stacks 
Mantle 
Filecoin