Transak announced on Twitter that the recent hacking attack was carried out through a phishing technique targeting their own employees, thus gaining access to login credentials. The hackers used these credentials to enter the system of a third-party KYC provider that Transak cooperates with, and obtained certain user identity and related information. The leaked data in this incident includes user names, dates of birth, identification documents (such as passports and driver’s licenses), and personal photos of users.
Cryptocurrency Gateway Transak Targeted in Phishing Attack Personal Data of Over 90000 Users Exposed