- Aug 17, 2014
- 11,130
A threat actor has leaked the stolen database for Indian cryptocurrency exchange Buyucoin on a hacking forum for free.
Over the weekend, a threat actor known as ShinyHunters posted the link to an archive that contains the alleged database dumps for the Buyucoin cryptocurrency exchange. [...]
The Buyucoin archive leaked by the threat actor this week includes three different data dumps allegedly of the exchange's MongoDB database. This archive contains three tar files named after the date the database was dumped, which was on June 1st, 2020, July 14th, 2020, and September 5th, 2020.
It is unknown if the threat actor performed these dumps on those dates or if they are backups created by Buyucoin.
These database dumps contain tables for user records, cryptocurrency trade transactions, linked bank account information, and others used internally by the exchange.
The user records table contains the information for 161,487 members. It includes email addresses, country, bcrypt hashed passwords, mobile numbers, and Google sign-in tokens if used when registering an account at the site. [...]
Buyucoin has also provided statements to Indian media stating that they are investigating the breach.
"Regarding the recent media reports, we are thoroughly investigating each and every aspect of the report about the malicious and unlawful cybercrime activities by foreign entities in mid-2020. Every BuyUcoin user with active portfolio has 3 factor authentication enabled trading accounts. All our user's portfolio assets are safe within a secure and encrypted environment. 95% of user's funds are kept in cold storage which are inaccessible to any server breach," Buyucoin said in a statement to Gadgets360.
Data breach at Buyucoin crypto exchange leaks user info, trades
A threat actor has leaked the stolen database for Indian cryptocurrency exchange Buyucoin on a hacking forum for free.
www.bleepingcomputer.com