BuyUCoin is affected by a breach and exposes 325K user’s personal data
BuyUCoin, which is an Indian Cryptocurrency Exchange is affected by a breach, where it compromised more than 325,000 people’s personal data. As per the reports from Indian news outlet Inc42, ShinyHunters, a group of hackers leaked the database of these people. The database contained the names, phone numbers, email addresses, tax identification numbers, and bank account details. Later, the Bleeping Computer report depicts that the hackers leaked the information from 161,487 BuyUCoin members.
Rajshekhar Rajaharia is a cybersecurity researcher who posted screenshots of the leaked data until September 2020 and recorded it to Twitter in the last week.
Earlier, BuyUCoin released a statement saying, “not even a single customer was affected” by the data breach and referred to the reports as “rumors”. After this statement, BuyUCoin made another statement saying it was “thoroughly investigating each and every aspect of the report about malicious and unlawful cybercrime activities by foreign entities.”
The exchange has also added saying that the funds were safe within a secure environment. It also reported that 95% of the users’ funds were kept in cold storage. Although no funds are affected by the breach, there are potential risks for the BuyUCoin users.
Similar to BuyUCoin, Ledger wallet users also faced a data breach in June and July 2020. During this data breach, nearly 272,853 people were affected. Since then, some ledger users have reported that they received some threatening emails demanding a crypto ransom to be paid in 24 hours else the users will have to face horrifying consequences.
Some of the BuyUCoin users have expressed their frustration with the breach reports. Rajaharia said, “What if someone used my account in any illegal activity?”.
