Notorious hacking group appears to have accessed unsecured MongoDB database
Another day, and another report that a cryptocurrency exchange has been breached by malicious hackers.
Indian cryptocurrency exchange BuyUCoin says that is investigating claims that sensitive data related to hundreds of thousands of its users has been published on the dark web, where it is available for free download.
The 6GB of leaked data is said to have been found in a MongoDB database that BuyUCoin had left unsecured, and included users’ bank account details, email addresses, bcrypt-hashed passwords, mobile phone numbers, and Google sign-in tokens.
The data was subsequently leaked by the ShinyHunters gang which has a history of publishing data breaches.
Such details could, of course, be used by other online criminals to scam and defraud cryptocurrency investors.
Existing customers of BuyUCoin, including security researcher Rajshekhar Rajaharia, have confirmed the authenticity of the data breach by finding their own information in the leaked data.
Screenshots posted on social media of the data leak suggest that information included in the leaked database may have been accessed as recently as last September.
However, for now at least, BuyUCoin is sending mixed messages regarding whether a breach has occurred or not.
Initially a statement from the BuyUCoin’s CEO Shivam Thakral was released saying: “In the mid of 2020, while conducting a routine testing exercise with dummy data, we faced a ‘low impact security incident’ in which non-sensitive, dummy data of only 200 entries were impacted. We would like to clarify that not even a single customer was affected during the incident.”