The cybersecurity industry was thrown into the spotlight in a surprising turn of events when unknown hackers claimed to have penetrated Coin Cloud, a once-thriving Bitcoin ATM startup that filed for bankruptcy in February. The ramifications of this claimed theft are extensive, with reports of stolen customer images and sensitive personal data such as Social Security numbers, dates of birth, and more. As the dust settles, questions about the exact scope of the breach remain, leaving both the business and the public in the dark.


Bitcoin ATM company Coin Cloud got hacked. Even its new owners don’t know how.


The Unknown Hack

According to vx-underground, the first rumors of the breach arose on X (previously Twitter) in November. The hackers boasted about stealing 70,000 client images obtained by the ATMs' embedded cameras, as well as personal information from 300,000 consumers. A sobering inventory of Social Security numbers, email addresses, phone numbers, and other information offered a bleak picture of the security landscape.


Despite the gravity of the allegations, no party has publicly acknowledged responsibility for the breach. A month later, the mystery surrounding Coin Cloud's fate remains, even as the company changes hands.


From Bitcoin ATM Giant to Bankruptcy: Coin Cloud

Coin Cloud, formerly a mainstay with thousands of Bitcoin ATMs across the United States and Brazil, filed for bankruptcy in February due to financial difficulties. In July, Genesis Coin, another Bitcoin ATM provider, bought a sizable 5,700 ATMs from the defunct Coin Cloud, filling a hole created by its liquidation.


This acquisition, announced in a press release, marks a crucial turning point in the ongoing story of Bitcoin ATMs. Genesis Coin, which was bought earlier this month, underwent a makeover coordinated by Andrew Barnard and partners, who were already involved in the cryptocurrency ATM sector through their company, Bitstop.


The Investigation Puzzle

When the alleged breach became public, Andrew Barnard, now the CEO of the re-branded Bitcoin ATM company, launched an inquiry. However, there remains a cloud of doubt surrounding this investigation, as Barnard disclosed that the organization was unable to establish when the incident happened or identify the offenders.


Barnard described the event as "mysterious," and hypothesized that the data breach could have originated when Coin Cloud was still in service. He speculated that the corrupted data was only recently discovered as a result of a lack of controls throughout the software development process and the access allowed to several international contractors.


Data Breach Decryption

The scenario becomes more complicated: Barnard speculates that if someone accessed the source code, which contained admin credentials to the database, they would have unrestricted access to all client information subject to Know Your Customer (KYC) checks. KYC checks, which are essential for fraud protection and anti-money laundering operations, frequently require clients to present identification documents.


An unnamed former Coin Cloud employee revealed the company's internal flaws. The ex-employee described Coin Cloud as "an absolute disaster to work for," revealing the lack of security staff and suggesting that the company may have been hacked prior to the alleged incident last year. Worryingly, unencrypted data storage exacerbated the security vulnerabilities.


The drama surrounding Coin Cloud's alleged attack raises serious worries about the cryptocurrency industry's security infrastructure. The incident serves as a sharp reminder of the crucial necessity for robust security measures, tight controls, and a proactive approach to preserving client data as the sector grapples with shifting threats.

