Coinbase ‘not aware’ of any customer data breach after Au10tix credentials leak
On June 27, crypto exchange Coinbase denied any knowledge of a customer data breach related to the compliance platform Au10tix. The statement follows a June 26 report that Au10tix had leaked employee credentials via Telegram. Au10tix's website displays the Coinbase logo, which seems to indicate that Coinbase is one of its clients.
“We are not aware of any Coinbase data exposure at this time and will continue to monitor the situation,” a Coinbase representative told Cointelegraph.
Au10tix is an identity verification platform that claims to be used by Fiverr, TikTok, Uber, X, Coinbase and many others. It stores users' photo IDs and other identifying information on behalf of the platforms it serves.
An Au10tix representative explained that employee credentials were released, meaning “PII [personally identifiable information] data was accessible.” However, “based on our current findings, we see no evidence that data was used in any way.”
On June 26, 404 Media reported that the compliance platform “exposed administrative credentials online that allowed hackers to access that sensitive data for over a year.” The credentials were allegedly discovered by cybersecurity firm SpiderSilk, which found them on Telegram. The credentials may have been obtained by an attacker who infected an Au10tix employee's computer with malware.
Using the data, a SpiderSilk security researcher was able to access customer information from at least one of the platform's customers, confirming that the information was accessible to a hacker. This information includes “the person's name, date of birth, nationality, ID number and the type of document uploaded such as a driver's license.” The link in the data also led to images of “American driver's licenses,” the report said.
A representative of Au10tix told Cointelegraph that the credentials are now “completely removed” and customer data cannot be accessed through them. In addition, they said, “[a]fter a detailed security assessment, we concluded that there was no malicious activity and no data leakage from our system.”
The compliance platform has taken additional steps to ensure that such an incident does not happen again. The representative said:
“We will terminate the relevant operating system and replace[d] it with more secure systems. We are reviewing our security procedures and strengthen[ing] security controls on all IT assets. We have appointed a team to continuously monitor future activities.”
Au10tix said it “adheres to and will continue to adhere to the highest industry standards, market demands and the latest best practices.”
Coinbase has not confirmed or denied whether it uses Au10tix to store customer data. However, it stated that it is not aware of any breach of customer data in the reported incident.
Most jurisdictions require centralized crypto exchanges to perform Know Your Customer (KYC) verification, which includes asking customers for pictures of their driver's licenses or passports. Supporters argue that this system is necessary to prevent exchanges from being used for money laundering. Critics, however, argue that the practice violates users' privacy.