- 1000+ customer data was compromised in a recent hacking of CryptoTrader.Tax
- the hacker on a dark web forum, it all began when the hacker first broke into a CryptoTrader.Tax employee’s account on a support centre platform.
- the Stripe website denies disclosing physical addresses or credit, debit and banking details.
Cryptocurrency is tricky territory as imposters could be lurking where you expect them the least. No matter how smart cryptocurrency curators sare, hackers always seem to be one step ahead. As reported by Coindesk, CryptoTrader.Tax, a crypto tax reporting service provider, has become the latest victim of crypto-hacking in which approximately 1,000 plus customer data was compromised.
Operated by Kansas City-based Coin Ledger Inc., crypto tax filing platform CryptoTrader.Tax enables investors to import trades from 36 cryptocurrency exchanges and auto-generate cryptocurrency income profits and losses in tax reports exportable to tax preparation software TurboTax.
How did the hack happen?
According to a source who chanced upon the hacker on a dark web forum, it all began when the hacker first broke into a CryptoTrader.Tax employee’s account on a support center platform. Gaining the access revealed names, email addresses, payment processor profiles and customer messages to the hacker, and also included cryptocurrency incomes in certain cases.
Next, the scamster took screenshots of samples of the sophisticated information, and shared them on the forum to lure potential buyers of with the stolen data reserve. Next, the culprit also sent additional pictures to the source, who shared the proofs with CoinDesk.
Investigating the crypto data breach
David Kemmerer, a co-founder and CEO, CryptoTrader.Tax, had confirmed that a hacker gained unauthorized access on April 7 to the marketing and customer service employee’s account. The hacker gained access to support center details, and downloaded a file containing 13,000 rows of information, including 1,082 unique email ids.
Kemmerer also informed that CryptoTrader.Tax’s security team investigated the breach and thankfully, found that tax filing account passwords as well as CryptoTrader.Tax’s website were not compromised. All those affected by the hack were cautioned immediately, while security and monitoring systems across internal and third-party applications were amped up.
Billing information is entered into Stripe-a payment processor-which in turn is linked to CryptoTrader.Tax’s support center platform and shows customers’ email addresses and general locations. However, the Stripe website denies disclosing physical addresses or credit, debit and banking details.
Further probe by CoinDesk and Kemmerer also revealed that the hacker also accessed marketing communications, referral codes, commission earnings and revenues from affiliates who promote the portal’s service on various virtual platforms.
Crypto Frauds on the rise
The hacking incident is not an exception, but a stark reality in times of constantly innovating technological landscape. Earlier this year, there was a similar data breach with popular Bitcoin lending platform Blockfi. The crypto hack sure led to the exposure of customer details, however, highly confidential information including passwords and customer deposits were unaffected. Cybersecurity firm Cipher Trace published a report with findings that crypto fraud worth $1.4 billion dollars have taken place so far in 2020.