Data of BuyUcoin cryptocurrency exchange traders allegedly leaked online

A customer update, since removed, claimed the leak was “dummy data.”
Written by Charlie Osborne, Contributing Writer

A data breach at the BuyUcoin cryptocurrency exchange has reportedly led to user information becoming leaked underground.

Names, email addresses, phone numbers, cryptocurrency transaction records, and bank details of users may have been compromised, according to Inc42. The publication estimates that up to 325,000 users are impacted, whereas Bleeping Computer suggests a figure closer to 161,000. 

The alleged data leak, flagged by researcher Rajshekhar Rajaharia, was posted on a hacking forum and is thought to be the work of ShinyHunters, previously linked to the sale of stolen company databases. 

In total, the alleged data dump comprises of three separate archives, with the associated dates of June 1, July 14, and September 5, 2020.

The Indian cryptocurrency exchange has denied the existence of a data breach, classifying reports as a "rumor."

In a statement updated on January 21, BuyUcoin said the organization is "thoroughly investigating each and every aspect" of the report. The Indian cryptocurrency exchange added that "all our user's portfolio assets are safe and sound within a secure environment" and "95% of user funds are kept in cold storage."

BuyUcoin did not confirm or deny that a leak had taken place, but did say that there is a planned "overhaul" of cybersecurity processes throughout 2021.

However, the organization's original statement, since removed from BuyUcoin's main blog, said that a "low impact security incident" occurred last year in which "non-sensitive, dummy data" was leaked. 

The cryptocurrency exchange said that during a "routine testing exercise" with the data, 200 entries were impacted. Furthermore, BuyUcoin claims that "not even a single customer was affected during the incident."

"BuyUcoin rejects alleged information in some media reports that the data of 3.5 lakh customers was compromised," the firm said. "We would like to reiterate the fact that only dummy data of 200 entries were impacted which was immediately recovered and secured by our automated security systems."

However, this appears to contradict Rajaharia, who claims that as a user himself, his information was involved in the leak. The research has called BuyUcoin's response "irresponsible," as even if funds are safe, unaware users may still be susceptible to phishing and social engineering scams based on the alleged leak. 

Last week, Russian cryptocurrency exchange Livecoin closed its doors following an alleged cyberattack. The organization said that its infrastructure and backend systems were compromised, leading to exchange rates being tampered with and the alleged cybercriminals made off with substantial profits, leading to financial damage that cannot be recovered from.

ZDNet has reached out to BuyUcoin and will update when we hear back.

Previous and related coverage

Have a tip? Get in touch securely via WhatsApp | Signal at +447713 025 499, or over at Keybase: charlie0

Editorial standards