The latest cyberattack on Coin Cloud, a now-defunct Bitcoin ATM company, has escalated concerns over the physical safety of exposed users. An anonymous hacking group claims to have infiltrated the personal information of 300,000 Coin Cloud customers, including critical details such as social security numbers, dates of birth, names, email addresses, telephone numbers, current occupations, and physical addresses, according to cybersecurity account Vx-underground.
This extensive breach of sensitive data raises severe threats to the affected individuals, exposing them to potential physical harm and various forms of exploitation. Particularly alarming is the acquisition of 70,000 customer selfie verifications by hackers, compromising privacy and opening the door to identity theft and fraudulent activities. The compromised data, encompassing both U.S. residents and users from Brazil, amplifies the scale and reach of the security breach.
The exposure of such personal and detailed information creates opportunities for malicious actors to carry out physical threats, including stalking, harassment, or targeted attacks. Beyond financial risks, victims may find themselves vulnerable to real-world dangers, emphasizing the urgent need for enhanced cybersecurity measures and proactive efforts to safeguard sensitive data.
Vx-underground also revealed that the hackers had stolen the source code to the entire backend of Coin Cloud. Formerly the largest operator of digital currency machines in the United States, with over 1,100 Bitcoin ATMs globally in January 2022, Coin Cloud aimed for expansion into major U.S. retail chains. However, facing challenges amid the crypto winter in mid-2022, the company filed for bankruptcy in February, with Genesis Global Trading emerging as its largest creditor, according to court filings.