BuyUCoin Data Leak Exposes 325K User Information

Delhi-NCR-based cryptocurrency exchange and wallet company BuyUCoin has reportedly suffered from a data breach which led to the exposure of 3.25 lakh users in the region. The compromised personal information has allegedly been made available on the Dark Web by the threat actor in question.

In an interview with Gadgets 360, cybersecurity researcher Rajshekar Rajaharia said that he found the data on the Dark Web last week. The information was posted on the internet by the popular hacking group Shiny Hunters.

The same threat actor is said to be responsible for the cybersecurity attacks of BigBasket and Juspay, reports Gadgets 360. The total number of users affected by the incident amount to 3.25 Lakh, just a short number away from the total users the company supposedly services at around 3.5 lakh users.

BuyUCoin Data Leak Exposes User Info

Among the information made vulnerable to the public personal, banking, and KYC data. These include the names of users, mobile numbers, email addresses, deposit history, and order information.

Apart from the aforementioned details, the National Herald states that the passwords of users have also been compromised by the data breach. Moreover, the KYC details of users, including their passport numbers and PAN numbers, have also been exposed in the leak.

INC42 reveals that sensitive banking details of users are also under threat from the incident, particularly after the account numbers, account type, and IFSC code have been compromised on the Dark Web.

These details are reportedly contained in a 6-gigabyte file on a MongoDB, a type of database leveraged by modern applications today states INC42. Based on the findings of Rajaharia, the database contains information until September of 2020.

Bleeping Computer revealed that the archived database included three tar files. These three files were named accordingly based on the data they were dumped. According to the news site, these recorded dates occurred on June 1, 2020, July 14, 2020, and September 5, 2020.

In response to the incident, BuyUCoin told Gadgets 360 that they are in the process of investigating the incident. However, BuyUCoin maintains that “All of our user’s portfolio assets are safe within a secure and encrypted environment. 95% of user’s funds are kept in cold storage which is inaccessible to any server breach.”

Despite such claims that user data remains in the clear from threat actors, Rajaharia said that he, too, was affected by the cybersecurity incident, said INC42.

Besides BuyUCoin, Rajaharia states that other companies, including ClickIndia, ChqBook, and WedMeGood, may have also been involved in cybersecurity incidents, reports the National Herald.