Sunday, November 24

Cybernews researchers discovered a public AWS storage bucket exposing sensitive user data from Nigerian crypto exchange Bitnob.

Nigerian crypto exchange Bitnob reportedly exposed over 250,000 Know Your Customer documents, including sensitive user data, due to a misconfigured Amazon Web Services storage bucket.

An investigation revealed by the Cybernews research team on Nov. 6, discovered that the leak was first discovered on Sept. 11. Per the analysts, the leak contained KYC documents such as government IDs, passports, and driver’s licenses.

“Cybernews researchers have identified that the exposed bucket belongs to Bitnob, a fintech platform headquartered in Lagos, Nigeria.”

Cybernews

The analysts noted that KYC documents are highly sought after on dark web marketplaces, with digital passport scans selling for $15.

You might also like: KYC and AML in MiCA rules: how will crypto change in 2025? | Opinion

Bad actors target Bitnob’s users

Cybernews attributed the leak to “likely human error,” pointing to common misconfigurations as a potential cause. While Bitnob has since secured the data, the exchange has not released any statements regarding the incident. As of press time, no public comments have been made about the breach.

Founded in 2020 by Adeolu Akinyemi, Bernard Parah, and Usman Majeed, the Lagos-based crypto platform offers Bitcoin-based services such as transfers, savings, and loans across Africa. Although the duration of the exposure remains unclear, Cybernews analysts believe “it’s likely that threat actors have found it, too.”

Read more: US and Nigeria form alliance to fight crypto crime

Read the full article here

Share.
Leave A Reply

Exit mobile version