Malta-based Trident Crypto Fund has become the latest victim of a major data leak, exposing over thousands of customer details online. The incident, first reported by Russian newspaper Izvestia, was said to have occurred after the crypto investment fund suffered from a database hack, enabling attackers to access personal data of thousands of Trident clients.
According to the Russian newspaper’s report, among the details compromised in the breach included customers’ email addresses, cell phone numbers, encrypted passwords, and IP addresses.
Ashot Oganesyan, chief technology officer of cybersecurity firm DeviceLock, told Izvestia that stolen data was posted on several file-sharing websites on Feb 20, along with a description of the vulnerability that made the breach possible. This was then followed on March 3, when the attackers decrypted and published around 120,000 passwords.
Overall, a total of 266,000 registered Trident Crypto Fund users were said to have been affected by the breach.
As of to date, no mention of the incident has been made on the crypto investment fund’s website or announced via its Telegram group. However, Izvestia decided to reach out to one of the affected individuals, who later confirmed the major data leak.
“We work hard to help keep your account secure and protect your personal information,” the fund assures on its website.
“We work hard to ensure that the information you share is secure. We investigate any suspected breach of security, including fraud activity.”
With the said incident, Trident Crypto Fund’s legality has been made into question. To date, it remains unclear where the fund is registered and physically located. Details about the fund’s team members haven’t also been posted online, and the company has no presence in LinkedIn.
The incident was identified by Oganesyan to be the first data breach to have a major impact on Russian citizens, affecting around 10,000 Russian users.
“Apparently, Russian citizens might already have got their data leaked before. However, no one has taken them into account before, and personal data leakage of 10,000 Trident Crypto Fund users can be considered the first major personal data leak of Russian crypto investors,” Oganesyan told Info-Security Magazine.
The breach comes as the latest addition to the list of crypto exchange companies who have suffered from major security breaches. Among these include the crypto exchange Digitex, who suffered from a major data leak at the end of February, and crypto trading giant Binance, who confirmed it has been hit by a security breach last year.