Digitex’s data breach comes amid an increasing number of malicious attacks targeting cryptocurrency exchanges.
On Feb. 27, Okex and Bitfinex suffered simultaneous distributed denial of service (DDoS) attacks. While Okex’s platform was “largely unaffected”, Bitfinex entered into maintenance mode to quickly execute countermeasures and patch for all similar attacks.
On Feb. 28, the Tim Draper-backed Singaporean crypto exchange Coinhako announced that it has fully reimbursed all customers were affected by a “sophisticated attack” that began targeting the exchange seven days prior.
The exchange responded by suspending send functionality. Coinhako has since restored send capabilities for Bitcoin, Bitcoin Cash (BCH), Ethereum (ETH), Tether (USDT), TrueUSD (TUSD) and USD Coin (USDC).
An ex-employee of cryptocurrency derivatives exchange Digitex began leaking stolen Know-Your-Customer (KYC) on Telegram. The stolen data reportedly includes passport and driving license scans and other sensitive documentation pertaining to more than 8,000 Digitex customers.
The Seychelles-based exchange issued Cointelegraph a statement indicating that it is not currently able to comment on the incident and is seeking legal counsel:
“Digitex Futures is aware of a leak of confidential data. We are not able to comment fully on the incident at this time and are currently seeking legal counsel. However, we can confirm that this was not an external hack but an internal security breach orchestrated by an ex-employee with a conflict of interest against the company. We will be releasing more information on the incident as soon as possible.”
The extent of the Digitex breach is unknown
However, one source who is familiar with the matter told Cointelegraph that the data of 8,000 customers “has not been breached”, adding:
“Only three ids have been leaked although the perpetrator confirms that he has them all and is starting to post demands so as not to leak the rest.”
On Telegram, the “Digileaker” has claimed to be in possession of “the entire KYC documentation of every single user who has used the Digitex Treasury from its inception date until today.”
In an interview with cryptocurrency scam hunter CryptoVigilante, the Digileaker claimed to have used login information obtained when Digitex registered with its KYC provider Sum and Substance.
According to the hacker, the login “gives unrestricted access to all the KYC information of 8000+ customers including documents, address, phone numbers and other information like IP address.”
Digitex data breach gains momentum
The Digitex debacle has escalated over recent weeks, starting with the ex-employee hijacking its Facebook account to publicly disclose users’ email addresses. In a Feb. 10 blog post, Digitex stated that the breach was an “internal issue” that had been perpetrated by a “scheming and highly manipulative ex-employee.”
The company also assured customers that “beyond their email addresses, no other sensitive information was gathered or released.”