Turkish crypto exchange, BtcTurk, has admitted to the loss of sensitive information belonging to over 500,000 of its users due to a security breach in 2018. In an official announcement, the platform admitted that data such as emails, ID numbers, cell numbers, and other personal details were stolen.
BtcTurk Confirms Data Leaks
Registered users on the platform took to Twitter to vent on Friday, May 13, when their personal information appeared on an online forum. Some of the information included selfies that are part of KYC for crypto exchanges. However, BtcTurk denied the allegations and stated that the platform hadn’t experienced a data breach.
Following pressure from its users, BtcTurk has admitted that the data breach occurred before July 2018. According to the statement by the company, the breach occurred due to a data leak on the platform’s storage medium.
The hackers used the PBKDF2 algorithm to mask the leaked data. Consequently, reversing the masked passwords is next to impossible using the current technology on the platform.
The company stated that the breach occurred when the database was hacked and raw data extracted, which was allegedly meant to be shared with one of the company’s partners.
BtcTurk has assured its users that all their information is safe. This latest admission puts into question the issue of data privacy when it comes to crypto trading platforms. Following advanced hacking and phishing methods by criminals, crypto exchanges are facing the threat of constant loss of user data.
Due to strict KYC/AML requirements, users are being asked to reveal a lot of personal data, which, if not protected, can lead to a serious breach of privacy and confidentiality.