Swedish crypto exchange QuickBit has confirmed the data leak of 300,000 records that have been left exposed to the public by a contractor of the company during a security update.
QuickBit – that is listed on the NGM Nordic MTF stock market – has seen its MongoDB database released to the public without the need of any authentication.
Criminals can use leaked records for identity theft
The data leak of the Swedish cryptocurrency exchange was discovered by Comparitech and security researcher Bob Diachenko on July 2. According to the magazine, QuickBit’s database was leaked on June 28 when it was first indexed by the security aggregator Shodan.
After the security researchers have discovered the data leak, they immediately alerted QuickBit. Following their conversions, the crypto exchange has initiated a full security audit and published a report of the incident on July 19.
According to Comparitech – while they know the number of records exposed in the data leak – it still remains a question how many users were affected in the incident.
The researchers are also unsure whether malicious parties were able to access or copy the information from the leaked database during the six days it was exposed to the public.
Instead of user records, the exposed database included 301,470 events records, referring to the transactions that were conducted on the crypto exchange’s platform.