In a major privacy breach, the usernames and passwords of more than a quarter of a million Trident Crypto Fund customers have been stolen and published online.
Technical director of cybersecurity firm DeviceLock Ashot Oganesyan told Russian news outlet IZ the database — which contains email addresses, cellphone numbers, encrypted passwords and IP addresses — had been uploaded to various file sharing websites on February 20.
Earlier this week, hackers decrypted and published close to 120,000 of the passwords, potentially enabling them to log into affected users’ accounts and access their funds.
10,000 Russians affected
Oganesyan said that while attacks on cryptocurrency exchanges and funds occur quite often, this hack was particularly noteworthy for having a major impact on Russian citizens. He said the database contained the data of about 10,000 Russians:
“Apparently, Russian citizens might already have got their data leaked before. However, no one has taken them into account before, and personal data leakage of 10,000 Trident Crypto Fund users can be considered the first major personal data leak of Russian crypto investors.”
Crypto platform data leaks on the rise
Sensitive data leaks at cryptocurrency-related businesses are happening ever more frequently. As CryptoX reported yesterday, Seychelles-based crypto derivatives exchange Digitex plans to remove its KYC identification processes this week in response to a major user data leak that happened last month.
In August last year, Binance admitted that it had discovered a hacker had obtained access to the KYC data of its customers that had been processed by a partner of the exchange.