Buyucoin Hacking Indian Crypto Exchange, Reported Released 325K Consumer Sensitive Data – Exchanges Bitcoin News

Indian cryptocurrency exchange Buyucoin has reportedly been hacked and the sensitive data of about 325,000 users has been leaked on the dark web. According to reports, the disclosed data includes personal information, encrypted passwords, user wallet details, order details, bank details, PAN numbers, passport numbers, and deposit histories.

Hacked Indian cryptocurrency exchange

Buyucoin, Delhi’s NCR-based cryptocurrency exchange, is reportedly hacked. The exchange has more than 350K registered users and has facilitated over $ 500 million in cryptocurrency trades, according to its website. Several local news outlets reported that sensitive data about 325K customers had been dumped on the dark web. IANS ‘announcement was made on Friday:

Data disclosed includes names, emails, mobile numbers, encrypted passwords, user wallet details, order details, bank details, KYC details (PAN number, passport numbers) and deposit history.

Independent cybersecurity researcher Rajshekhar Rajaharia explained to the announcement that the 6GB file on the MongoDB database contains three backup files with Buyucoin data. The researcher found his own information which he used to create an account on the platform last year among the data revealed. “This is a serious hack as key financial, banking and KYC details have been leaked on the dark web,” Rajaharia was quoted as saying.

On Twitter, several users reported that their information had been leaked. Rajaharia tweets: “Cryptocurrency trading? 3.5 Lakh Consumer Data including me leaked from Buyucoin. Data disclosed includes name, email, mobile phone, bank account numbers, PAN number, wallet details etc. Again the company was not informed of the affected consumers. “

Buyucoin is the latest victim of the notorious hackers group Shinyhunters, which has been dropping free databases on well-known English-language forums, according to the Economic Times. The group also leaked data from Big Basket’s E-grocer, educational technology platform Unacademy and payments aggregator Juspay.

Israel’s darknet threat intelligence provider, KELA, confirmed the leak to the announcement. Company threat intelligence analyst Victoria Kivilevich explained “These records are now circulating on the dark web and are available for use by other cybercriminals.” He added that they can use the data for anything from “phishing scams to gain administrative privileges and access to corporate networks if corporate references have been leaked.”

Buyucoin Investigates the Breach

Since reports of the security breach came to light, Buyucoin has released two official statements on the matter. The first was written by its CEO, Shivam Thakral. He wrote: “In mid-2020, while carrying out a routine testing exercise with fake data, we faced a ‘low-impact security incident’ where only 200 records were affected by false, non-sensitive data. We would like to clarify that not even one customer was affected during the incident. ”

Rajaharia responded to the exchange’s official statement in a tweet: “Such an irresponsible statement by Buyucoin. I am your registered and validated user of KYC. You also leaked my own data. Change your statement as soon as possible. What if someone used my account in any illegal activity. Inform your users right now. “

Subsequently the CEO of Buyucoin was replaced by a different message from the exchange. “In terms of the media report,” Buyucoin wrote:

We are thoroughly investigating all aspects of the report on malicious and illegal cybercrime activities by foreign entities in mid-2020.

There have been no further updates from the press time exchange.

What do you think of this Buyucoin hack? Let us know in the comments section below.

Tags in this story

Bitcoin exchange, Buyucoin, buyucoin hacking, Cryptocurrency exchange, Customer Data, dark web, data leak, Hackers, Indian crypto exchange, hacked Indian exchange, security breach

Image Credits: Shutterstock, Pixabay, Wiki Commons, Twitter

Disclaimer: This article is for informational purposes only. It is not a direct offer or solicitation of an offer to buy or sell, nor a recommendation or endorsement of any products, services or companies. does not provide investment, tax, legal or accounting advice. Neither the company nor the author is responsible, directly or indirectly, for any damage or loss caused or alleged to be caused by or in connection with the use or reliance on any content, goods or services mentioned in this article.