Trust Wallet halts Transak onramp after data breach

Trust Wallet temporarily suspended Transak’s fiat-to-crypto payment service after the Miami-based firm suffered a data breach.

According to Transak’s official statement, hackers gained compromised credentials through “unauthorized access” to a third-party employee’s laptop. The sophisticated phishing tactic used against a Transak KYC vendor allowed criminals to obtain personal data like names belonging to over 92,554 users.

Due to the recent security incident with @Transak, we’ve taken precaution and temporarily removed their onramp service from Trust Wallet for your protection. Rest assured, user’s funds remain safe as no sensitive wallet information is exposed to any of our onramp providers. Stay… https://t.co/xRB1ZB1Dtt

— Trust Wallet (@TrustWallet) October 21, 2024

More than 5 million people use Transak’s service, and less than 2% of its users were impacted, per the company’s blog post on Oct. 21. The firm said it has engaged law enforcement to help in the investigation and disclosed plans to contact all affected users.

Several digital asset storage providers like Trust Wallet, Metamask, Ledge, and Coinbase employ Transak’s fiat-to-crypto or onramp payment corridor to ferry value from currencies like U.S. dollars to Bitcoin (BTC) or Ethereum (ETH).

More crypto wallet companies may pause support till the situation is rectified. Still, the firm stressed that the stolen KYC materials have not emerged as part of nefarious activities. A leading cybersecurity firm