- FTX closed in 2021, but continued generating data in the backend
- Contact information about more than 35,000 FTX Japan users found with escape
- The company could face regulatory pressure as a result
FTX Japan, the Japanese arm of FTX dead cryptocurrency exchange, leaked confidential data on more than 35,000 users, which puts them at risk of phishing and identity theft, experts have warned.
Researchers from Cybernews He said they found a database exposed with 26 million files, including user names and real names, email addresses, postal addresses, FTX account and detailed transactions records, including information on loans and loans, cryptocurrencies, guarantees, margin rates and risk flags.
The files are also relatively frequent, since some of the records were apparently generated in July 2024.
Worrying implications
Explaining how it is possible that an exchange that will be closed at the end of 2021 will still be generated, and thus filtering files, already in 2024, Cybernews This FTX Japan completed its bankruptcy and retreats in February 2023, but its backend systems probably remained active throughout 2024.
After the consequences of FTX, his Japanese subsidiary was acquired by another exchange of Japanese encryption called Bitflyer, and was renamed Custodiem in 2024.
“It is not clear if the discovered escape belongs to the custodiem infrastructure used actively, or is an abandoned and non -modified artifact that remains after the FTX collapse,” the Cybernews The researchers explained.
The implications are worrisome, since cybercriminals can use information to attack people who have already lost a lot in bankruptcy. For example, Celsius customers (another cryptographic company that declared bankruptcy at approximately at the same time), are being bombed with phishing emails in which criminals get through the company and claim that the victims are eligible for retreats.
At the same time, the company itself is risking additional regulatory pressure and possibly fines, as a result.
CyberNews also said that data escape raises concerns about privacy and regulatory compliance, since according to Japanese laws, cryptographic companies must keep the high standards.
How to stay safe
The violation means that cybercriminals could have a field day with filtered data, which should be more than enough confidential information to launch highly personalized and successful phishing campaigns, which leads to identity theft, wire fraud and even ransomware attacks.
If you are worried that you have been caught in the incident, do not worry, there are a number of methods to find out. Haveibeenpwned? It is probably the best resource to verify if your data has been affected, offering a decrease in each large cybercrime incident of recent years.
And if you keep the passwords on a Google account, you can use the Google password verification tool to see if any has committed, or register in one of the best password administrator options that we have rounded to make sure that its session is protected.
