Cybernews researchers discovered a public AWS storage bucket exposing sensitive user data from Nigerian crypto exchange Bitnob.

Nigerian crypto exchange Bitnob reportedly exposed over 250,000 Know Your Customer documents, including sensitive user data, due to a misconfigured Amazon Web Services storage bucket.

An investigation revealed by the Cybernews research team on Nov. 6, discovered that the leak was first discovered on Sept. 11. Per the analysts, the leak contained KYC documents such as government IDs, passports, and driver’s licenses.

“Cybernews researchers have identified that the exposed bucket belongs to Bitnob, a fintech platform headquartered in Lagos, Nigeria.”

Cybernews

The analysts noted that KYC documents are highly sought after on dark web marketplaces, with digital passport scans selling for $15.

Bad actors target Bitnob’s users

Cybernews attributed the leak to “likely human error,” pointing to common misconfigurations as a potential cause. While Bitnob has since secured the data, the exchange has not released any statements regarding the incident. As of press time, no public comments have been made about the breach.

Founded in 2020 by Adeolu Akinyemi, Bernard Parah, and Usman Majeed, the Lagos-based crypto platform offers Bitcoin-based services such as transfers, savings, and loans across Africa. Although the duration of the exposure remains unclear, Cybernews analysts believe “it’s likely that threat actors have found it, too.”

Read the full article here

Share.

Leave A Reply

Your road to financial

freedom starts here

With our platform as your starting point, you can confidently navigate the path to financial independence and embrace a brighter future.

Registered address:

First Floor, SVG Teachers Credit Union Uptown Building, Kingstown, St. Vincent and the Grenadines

CFDs are complex instruments and have a high risk of loss due to leverage and are not recommended for the general public. Before trading, consider your level of experience, relevant knowledge, and investment objectives and seek financial advice. Vittaverse does not accept clients from OFAC sanctioned jurisdictions. Also, read our legal documents and make sure you fully understand the risks involved before making any trading decision