Bit24.cash faces backlash after reports of KYC data breach

  • Bit24.cash, an Iranian exchange, faces KYC data breach affecting 230K users.
  • Research uncovers misconfiguration, exposing passports, IDs, and credit cards.
  • Conflicting claims between Cybernews and Bit24.cash prompt user concerns.

Bit24.cash, a prominent Iranian cryptocurrency exchange, is under scrutiny following reports of a significant security breach.

Cybernews researchers uncovered a misconfiguration in the platform’s cloud storage system, leading to unauthorized access and exposing sensitive Know Your Customer (KYC) data of nearly 230,000 users. The incident raises concerns about user data protection in the cryptocurrency industry, as conflicting narratives emerge between the research findings and Bit24.cash’s official response.

Passports, IDs, and credit cards info compromised

The research by Cybernews exposed a misconfiguration in the exchange’s cloud storage system, providing unauthorized access to KYC data.

The compromised information includes passports, IDs, credit cards, and written consent to regulations for approximately 230,000 users. This breach underscores the vulnerability of user data and prompts users to question the safety of their personal information.

Conflicting claims and reassurances

In response to Cybernews’ allegations, Bit24.cash spokesperson and security engineer Hossein Amini refuted the claims, stating the report was inaccurate and misleading. Amini asserted that there was no evidence of a data breach or unauthorized access to user information.

Contrary to the research findings, Amini confidently declared the security and integrity of the MinIO instance and cloud storage containers, emphasizing their commitment to user security.

Ramin Moradi, the Bit24.cash CTO, also stated on X that Cybernews has not given any evidence on the security breach and as such he cannot I can’t confirm their claim.

Bit24.cash also stated that after “careful investigation, our technical team found the claims to be false and misleading.” They also went ahead to give a number of reasons through a thread of X (formerly Twitter) supporting their conclusion.

Impact on the Iranian crypto market

Bit24.cash, alongside other Iranian crypto exchanges, has been a significant contributor to the country’s crypto market. In 2022, these platforms accounted for 12% of all funds flowing to Iranian exchanges.

The reported security breach not only raises concerns for individual users but also highlights potential repercussions for the broader cryptocurrency ecosystem in Iran. Users are now urged to seek clarification from Bit24.cash support amid the conflicting narratives.

All Dutch and English crypto news!

Gemini to return at least $1.1B to Earn customers in settlement with NYDFS

Gemini said that 97% of the assets should be recoverable within two months and the remaining asset balance within the next 12 months. News Own this piece...

Nigerian central bank head criticizes Binance, execs reportedly arrested

Crypto exchanges have been suspected of destabilizing the Nigerian naira fiat, but the country’s top central banker said Binance moved billions from unidentified users in...

Bitcoiner wants to plant the orange flag on top of Everest

Dadvan Yousuf said he planned to “hoist the Bitcoin flag at the top of the world” to highlight the “global disparity in access to financial...

From zombie to unicorn: VCs discuss startup turnaround at Web Summit Qatar

The key to avoiding startup stagnation is agility, according to Golden Gate Ventures’ Michael Lints and Plus Venture Capital’s Zainab Al Sharif. News Own this piece of...

Beste exchanges

Koop je crypto bij Bitvavo