Latest News

India’s BuyUcoin Crypto Exchange’s data leaked by hackers

India's BuyUcoin Crypto Exchange's data leaked by hackers

Indian crypto exchange BuyUcoin’s sensitive data of above 3.3 lakh users was made accessible on the dark web. A hacker group called ShinyHunters leaked the data on January 20. Moreover, the leaked database includes phone numbers, users’ names, email addresses, KYC, and bank details. Additional data leak connected to crypto involves encrypted passwords, user wallet details, order details, and deposit history. However, BuyUcoin accumulates data from users who trade on the exchange platform for buying cryptocurrencies. 

Cybersecurity researcher Rajshekhar Rajaharia was the first to notice the data leak. Rajaharia states that ShinyHunters was behind the leak. He even bestowed screenshots of the information dump with the paper. The leaked file is available in a MongoDB dump, a modern database for modern apps in a 6GB file and three backup files. Distinctly, this particular hacker group had earlier alleged responsibility for the hackings of Indian companies like Juspay, Chqbook, Clickindia, and Bigbasket, among others. 

Indian Crypto Exchange BuyUcoin announces Security Update

The New-Delhi based crypto-exchange was established in 2016 by Atulya Bhatt, Devesh Agarwal, and Shivam Thakral. Last year, it started to expand globally after acquiring an operating license in Estonia. Moreover, it has collaborated with payments wallet MobiKwik enabling users to purchase cryptocurrencies via their credit and debit cards, MobiKwik wallet, and net banking. According to CoinGecko, the exchange processes approximately $3 million worth of trades every day.

Further, in an updated statement on Friday, BuyUCoin announced that it is ultimately examining every phase of the report about spiteful and criminal cybercrime activities that foreign entities began last year. The company has updated its security standards and has facilitated a three-factor-authentication system for users’ trading accounts. The company states that users should have a strong password and apply OTPs for account verification. They should employ Google’s 2FA authentication system and provide a six-digital trading pin for transaction verification. Moreover, every transaction on the crypto-exchange will require an OTP verification transferred to the users’ email addresses.

Follow BitcoinWorld for the latest updates.

Crypto products and NFTs are unregulated and can be highly risky. There may be no regulatory recourse for any loss from such transactions. Crypto is not a legal tender and is subject to market risks. Readers are advised to seek expert advice and read offer document(s) along with related important literature on the subject carefully before making any kind of investment whatsoever. Crypto market predictions are speculative and any investment made shall be at the sole cost and risk of the readers.