Iranian Crypto Trading Platform Exposes Sensitive User Data
An investigation by Cybernews has revealed that Bit24.cash, an Iranian crypto trading platform, inadvertently exposed the sensitive data of nearly 230,000 users. The platform misconfigured its high-performance object storage system, granting access to cloud storage containers containing Know Your Customer (KYC) data.
The exposed data includes written consent to regulations, as well as passports, IDs, and credit card details. Bit24.cash denies any data breach or unauthorized access to user information. However, concerned users are encouraged to contact the platform’s support.
Reassurances from Bit24.cash
“The reference to a misconfigured MinIO instance granting access to S3 buckets containing KYC data is wholly untrue and does not align with our system architecture or security protocols. We can confirm that our MinIO setup and cloud storage containers remain secure, and there has been no unauthorized access to any sensitive user data.”
– Hossein Amini, Security Engineer at Bit24.cash
Despite these reassurances, it is important for affected users to address their concerns with the platform’s support.
Bit24.cash’s Role in Iranian Crypto Exchanges
In 2022, Bit24.cash accounted for 12% of all funds flowing into Iranian exchanges. Alongside other platforms like Wallex.ir, Excoino, and Aban Tether, it played a significant role in the country’s crypto market. The majority of funds sent to Iranian exchanges came from external exchanges.
Hot Take: Protecting User Data Should Be a Top Priority for Crypto Platforms
User data protection is crucial in the crypto industry. Instances like the inadvertent exposure of sensitive information by Bit24.cash highlight the importance of robust security measures and proper configuration of storage systems. As a crypto user, it is essential to choose platforms that prioritize the security of your personal data.
By
By
By
By
By