Cloud Security, Data Security, Privacy

Almost 230K hit by data leak

Cybernews reports that Iranian cryptocurrency exchange had almost 230,000 of its users' sensitive information accidentally compromised after S3 buckets storing its Know Your Customer verification data became accessible due to a misconfiguration in its MinIO object storage system. Information leaked by the misconfiguration included individuals' IDs, credit cards, and passports, as well as their written consent to KYC laws. While has since secured the misconfigured cloud storage system, the severity of such exposure has been emphasized by Cybernews researchers. "This breach poses a severe threat, as threat actors could potentially exploit the exposed data for identity theft, fraudulent transactions, and phishing attacks. With access to such comprehensive personal and financial data, malicious actors could impersonate individuals, gain unauthorized access to accounts, execute fraudulent transactions, and potentially cause substantial financial and personal harm to the affected users," said researchers.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.