Swedish crypto exchange QuickBit has confirmed the data leak of 300,000 records that have been left exposed to the public by a contractor of the company during a security update.
QuickBit – that is listed on the NGM Nordic MTF stock market – has seen its MongoDB database released to the public without the need of any authentication.
Criminals can use leaked records for identity theft
The data leak of the Swedish cryptocurrency exchange was discovered by Comparitech and security researcher Bob Diachenko on July 2. According to the magazine, QuickBit’s database was leaked on June 28 when it was first indexed by the security aggregator Shodan.
After the security researchers have discovered the data leak, they immediately alerted QuickBit. Following their conversions, the crypto exchange has initiated a full security audit and published a report of the incident on July 19.
According to Comparitech – while they know the number of records exposed in the data leak – it still remains a question how many users were affected in the incident.
The researchers are also unsure whether malicious parties were able to access or copy the information from the leaked database during the six days it was exposed to the public.
Instead of user records, the exposed database included 301,470 events records, referring to the transactions that were conducted on the crypto exchange’s platform.
The sensitive information contains full names and addresses, email, date of birth, and limited financial information as the credit card numbers in the database were truncated.
Despite the truncated financial data, Comparitech researchers say that tech-savvy criminals can use the leaked information to take over user accounts and carry out identity theft.
“For example, a criminal might be able to use the last four digits of your credit card, along with your name, address, and date of birth, to convince a wireless carrier that they are an account holder for your account,” Comparitech’s report reads.
Furthermore, the amount of data exposed in the leak is enough for cybercriminals to conduct targeted phishing attacks to acquire additional sensitive details from victims, the security researchers say.
QuickBit confirms data leak
Comparitech has also discovered 143 leaked records containing internal credentials – such as merchants, secret keys, user IDs, and secret phrases – that malicious parties can use to fully take over accounts of the victims, conduct transactions, or get access to financial information.
Despite the claims of the researchers, QuickBit has assured the public in a press release that the records in the exposed database couldn’t be used to harm either the crypto exchange or its users.
“QuickBit’s technicians have immediately taken steps to ensure that all servers are protected behind firewalls, and prevent the possibility of similar incidents,” a rough translation of the press release reads.
The crypto exchange has added that the security incident concerns approximately two percent of the service’s user base.
Last modified: March 4, 2021 2:39 PM