‘Digileaker’ Claims to Have Stolen KYC Documents for 8,000 Digitex Users

Published at: Feb. 29, 2020

An ex-employee of cryptocurrency derivatives exchange Digitex began leaking stolen Know-Your-Customer (KYC) on Telegram. The stolen data reportedly includes passport and driving license scans and other sensitive documentation pertaining to more than 8,000 Digitex customers. 

The Seychelles-based exchange issued Cointelegraph a statement indicating that it is not currently able to comment on the incident and is seeking legal counsel: 

“Digitex Futures is aware of a leak of confidential data. We are not able to comment fully on the incident at this time and are currently seeking legal counsel. However, we can confirm that this was not an external hack but an internal security breach orchestrated by an ex-employee with a conflict of interest against the company. We will be releasing more information on the incident as soon as possible.”

The extent of the Digitex breach is unknown

However, one source who is familiar with the matter told Cointelegraph that the data of 8,000 customers “has not been breached,” adding: 

“Only three ids have been leaked although the perpetrator confirms that he has them all and is starting to post demands so as not to leak the rest.”

On Telegram, the “Digileaker” has claimed to be in possession of “the entire KYC documentation of every single user who has used the Digitex Treasury from its inception date until today.”

In an interview with cryptocurrency scam hunter CryptoVigilante, the Digileaker claimed to have used login information obtained when Digitex registered with its KYC provider Sum and Substance.  

According to the hacker, the login “gives unrestricted access to all the KYC information of 8000+ customers including documents, address, phone numbers and other information like IP address.”

Digitex data breach gains momentum

The Digitex debacle has escalated over recent weeks, starting with the ex-employee hijacking its Facebook account to publicly disclose users’ email addresses. In a Feb. 10 blog post, Digitex stated that the breach was an “internal issue” that had been perpetrated by a “scheming and highly manipulative ex-employee.” 

The company also assured customers that “beyond their email addresses, no other sensitive information was gathered or released.”

Crypto exchanges see several attacks during February

Digitex’s data breach comes amid an increasing number of malicious attacks targeting cryptocurrency exchanges.

On Feb. 27, Okex and Bitfinex suffered simultaneous distributed denial of service (DDoS) attacks. While Okex’s platform was “largely unaffected,” Bitfinex entered into maintenance mode to quickly execute countermeasures and patch for all similar attacks.

On Feb. 28, the Tim Draper-backed Singaporean crypto exchange Coinhako announced that it has fully reimbursed all customers were affected by a “sophisticated attack” that began targeting the exchange seven days prior. 

The exchange responded by suspending send functionality. Coinhako has since restored send capabilities for Bitcoin (BTC), Bitcoin Cash (BCH), Ethereum (ETH), Tether (USDT), TrueUSD (TUSD) and USD Coin (USDC).

Tags
Kyc
Related Posts
DDoS Attacks on OKEx and Bitfinex Were Sophisticated, Possibly Related
As the cryptocurrency industry continues to mature, security remains a major challenge. Over the last few weeks, a number of cryptocurrency exchanges — namely, OKEx, Bitfinex, Digitex and Coinhako — have experienced security breaches. Although the attackers apparently did not manage to steal any funds, one of the incidents resulted in a leak of Know Your Customer data. All of the breaches have reportedly been dealt with as of press time, and all of the affected exchanges are back online. OKEx and Bitfinex targeted in a series of DDoS attacks Two different major crypto exchanges were reportedly hit with distributed …
Blockchain / March 3, 2020
Crypto Exchanges OKEx and Bitfinex Suffer Simultaneous DDoS Attacks
Cryptocurrency exchanges OKEx and Bitfinex are suffering multiple denial of service attacks. It is unclear as of now if the attacks are connected, though OKEx CEO blamed competitors on his personal Weibo page. OKEx first suffered a distributed denial of service (DDoS) attack on Feb. 27 at approximately 11:30 AM EST. CEO Jay Hao posted on his personal Weibo page as the attack was unfolding, blaming unnamed competitors in the attack. The attack routed as much as 200 gigabytes per second of traffic, which put strain on OKEx systems. At approximately 4:30 AM EST on Feb. 28, the denial of …
Technology / Feb. 28, 2020
What Crypto Exchanges Do to Comply With KYC, AML and CFT Regulations
While it’s possible to buy top cryptocurrencies like bitcoin (BTC) and ether (ETH) in the over-the-counter (OTC) market, most people will need an exchange in order to buy other altcoins. Exchanges are simply an important component of the system that makes the crypto market tick. Regulators around the world have identified this, which is why regulatory moves have primarily targeted exchanges. Regulators want to be sure that exchanges employ the best security practices as well as measures — Know Your Customer (KYC), Anti-Money Laundering (AML), and Combating the Financing of Terrorism (CFT), for instance — that discourage illicit transactions and …
Bitcoin / May 17, 2019
Bitfinex Introduces ‘New, Improved’ Fiat Deposit System Following Last Week’s Suspension
Major crypto exchange Bitfinex has introduced an “improved” fiat deposit system, shortly after temporary suspension of deposits last week, according to an official blog post Tuesday, Oct. 16. Last week, on Oct. 11, Bitfinex temporarily halted fiat deposits in four fiat currencies – the Euro (EUR), U.S. Dollar (USD), Japanese Yen (JPY), and Pound Sterling (GBP) – without specifying a reason for suspension and claiming that fiat deposits are “expected to resume within a week.” Yesterday, October 15, the crypto exchange posted an update on fiat deposits, explaining that Bitfinex had “temporarily paused” fiat deposits for “certain user groups [...] …
Blockchain / Oct. 16, 2018
Bitfinex Announces Support for OKEx Exchange Token
Cryptocurrency exchange Bitfinex is now listing two tokens from the exchange OKEx: its native utility token OKB and the stablecoin USDK, according to a press release on June 12. Bitfinex will offer trading pairs with the new tokens and other significant fiat and digital currencies like U.S. dollars, bitcoin (BTC), EOS, tether (USDT) and ether (ETH). The native utility token OKB is designed to let OKEx users carry out a variety of functions on the exchange, including settlement of trading fees, the ability to construct a partner exchange, and subscription for tokens on OK Jumpstart — one of OKEx’s token …
Blockchain / June 12, 2019