Trident Crypto Fund was the victim of a large-scale data leak.
The breach resulted in the leak of 10,000 users’ records and took advantage of vulnerabilities found on the foundation’s website.
The data of about 266,000 people registered with the fund was posted on numerous file-sharing websites, post the hack.
The database contains e-mails and passwords of customers, with the help of which fraudsters logged into their personal account and withdraw money invested in their electronic wallets.
The hackers were able to decrypt and publish a list of 120,000 passwords.
Source: https://eng.ambcrypto.com/malta-based-crypto-fund-suffers-data-breach-10k-user-records-affected/
TPRM report: https://scoringcyber.rankiteo.com/company/trident-trust
"id": "tri2120231222",
"linkid": "trident-trust",
"type": "Data Leak",
"date": "03/2020",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'customers_affected': 266000,
'industry': 'Cryptocurrency',
'name': 'Trident Crypto Fund',
'type': 'Financial'}],
'attack_vector': 'Website Vulnerabilities',
'data_breach': {'data_exfiltration': True,
'number_of_records_exposed': 266000,
'personally_identifiable_information': True,
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['E-mails', 'Passwords']},
'description': 'Trident Crypto Fund suffered a large-scale data leak '
'resulting in the exposure of user records due to '
'vulnerabilities on their website. The data of 266,000 '
'registered users was posted on file-sharing websites, leading '
'to unauthorized access to personal accounts and financial '
'losses.',
'impact': {'data_compromised': ['E-mails', 'Passwords']},
'initial_access_broker': {'entry_point': 'Website Vulnerabilities'},
'motivation': 'Financial Gain',
'post_incident_analysis': {'root_causes': 'Website Vulnerabilities'},
'title': 'Trident Crypto Fund Data Leak',
'type': 'Data Leak',
'vulnerability_exploited': 'Website Vulnerabilities'}