Skip to content

Coin Cloud Data Breach 2023 | 3 Lakh Customers Affected

coin cloud data breach

In February 2023, Coin Cloud, a major Bitcoin ATM operator, filed for bankruptcy. Months later, in November 2023, the cybersecurity collective vx-underground revealed a shocking truth: the company had been hacked.

The extent of the breach, however, remains unclear, leaving customers and industry experts with more questions than answers.

Coin Cloud Data Breach

What We Know:

  • Hackers claim to have stolen sensitive data from Coin Cloud, including:
    • 70,000 customer photos taken from ATM cameras
    • Personal information of 300,000 customers, potentially including Social Security numbers, dates of birth, addresses, and more
  • Nobody has publicly claimed responsibility for the hack.
  • Coin Cloud’s new owners, who acquired some of the company’s assets through bankruptcy proceedings, have not been able to determine when or how the breach occurred.

The Shadowy Culprits

However, despite the gravity of the claims, the alleged data breach remains shrouded in mystery. No group has officially taken credit for the hack, and details regarding the specific vulnerabilities exploited remain scarce.

This lack of clarity has fueled speculation and anxiety amongst Coin Cloud’s former customers.

A History of Vulnerability

The Coin Cloud hack raises questions about the company’s past security practices. A former employee, speaking anonymously, revealed that Coin Cloud lacked a dedicated security team and stored sensitive data in plaintext, meaning it was not encrypted.

The New Owners Respond

Andrew Barnard, CEO of Bitcoin ATM (the company formed after acquiring Coin Cloud’s assets), acknowledges the breach but remains uncertain about the details.

The lack of transparency and security controls at Coin Cloud prior to its bankruptcy is suspected to have played a major role in the breach.

Barnard pointed out the “little controls throughout the software development process” and the access granted to “multiple international contractors” with potential knowledge of sensitive information.

Investigating the Mystery

The vx-underground revelation has sparked an investigation by Bitcoin ATM, but they have been unable to determine the exact timeframe of the breach or identify the perpetrators.

Barnard speculates that hackers may have accessed the source code, which contained sensitive information like database credentials.

Customer Concerns

The data breach poses a significant risk to Coin Cloud customers whose information was compromised. Stolen data could be used for identity theft, phishing scams, and other malicious activities.

Uncertain Future

The Coin Cloud hack serves as a stark reminder of the crucial role cybersecurity plays in the digital age. As the cryptocurrency industry continues to evolve, it’s essential for companies to prioritize robust security measures to protect their customers’ sensitive data.

Looking Ahead:

As Bitcoin ATM assumes ownership of Coin Cloud’s legacy, they face the responsibility of ensuring the safety and security of customer data.

The investigation continues, it is crucial for the Bitcoin ATM company to prioritize transparency and implement stronger security measures to protect its customers and regain trust in the industry.

You can contact Lorenzo Franceschi-Bicchierai securely on Signal at +1 917 257 1382, or via Telegram, Keybase and Wire @lorenzofb, or email lorenzo@techcrunch.com.

Kevin James

Kevin James

I'm Kevin James, and I'm passionate about writing on Security and cybersecurity topics. Here, I'd like to share a bit more about myself. I hold a Bachelor of Science in Cybersecurity from Utica College, New York, which has been the foundation of my career in cybersecurity. As a writer, I have the privilege of sharing my insights and knowledge on a wide range of cybersecurity topics. You'll find my articles here at Cybersecurityforme.com, covering the latest trends, threats, and solutions in the field.