TL;DR
- Fractal ID, a digital identity verification provider for Web3 projects, experienced a data breach affecting over 50,000 users, approximately 0.5% of its total user base.
- The incident occurred on July 14th when an unauthorized third party accessed the system using an API script, compromising names, email addresses, phone numbers, physical addresses, and KYC documents.
- The company has taken swift action to mitigate the impact, implementing additional security measures and notifying relevant authorities, though they assure that it only affected their internal environment.
Fractal ID, a provider of digital identity verification for Web3 projects, has experienced a serious security incident that compromised the personal information of over 50,000 users, approximately 0.5% of its total user base.
The incident occurred on July 14th, when an unauthorized third party accessed the system using an API script, allowing the extraction of sensitive data such as names, email addresses, phone numbers, physical addresses, and KYC document images.
The company has responded promptly to contain the breach’s impact, implementing additional security measures and notifying relevant authorities, including the cybercrime division. They assure that the incident was limited to their environment and did not affect their clients’ systems, but they have advised affected users to remain vigilant against possible fraudulent communications that may attempt to exploit the stolen information.
Despite the Incident, Fractal ID (FCL) Has Not Lost Value
Fractal ID is widely used by various Web3 projects, including platforms and companies like Polygon ID, Ripple, XRP Ledger, Avalanche, and others. The company aims to promote “true ownership of data” through decentralized identity solutions, but the incident raises serious doubts about the effectiveness of its decentralized approach in protecting sensitive data.
The crypto community has responded with criticism, questioning Fractal ID’s ability to safeguard users’ personal information. The breach not only jeopardizes the privacy of those affected but could also be used for fraudulent activities such as creating fake accounts, phishing attacks, and potential identity theft.
However, the price of the token associated with Fractal ID, FCL, did not suffer major repercussions; after a brief drop, its value increased by 5%, with the current price at $0.008744. Meanwhile, affected users are advised to carefully review their accounts, update their online security measures, and remain alert to any suspicious activity that may arise as a result of this data breach.