Nigerian cryptocurrency exchange Bitnob has leaked over 250 sensitive KYC (Know Your Customer) data due to misconfigured Amazon Web Services storage.
An investigation by the analytics company Cybernews showed that the first leaks were discovered on September 11. The ID cards and driver's licenses of Bitnob users were made publicly available.
Cybernews experts have established that the hacked Amazon Web Services storage facility belongs to Bitnob, a fintech platform headquartered in Lagos, Nigeria, the Cybernews report states.
Analysts noted that the documents needed to complete the KYC procedure are currently in high demand on darknet markets, with scans of digital passports selling for $15.
Cybernews attributed the leak to “likely human error,” citing misconfiguration as a potential cause. And while Bitnob has since stepped up its security measures to protect user data, it has yet to issue any official statements regarding the incident.
The cryptocurrency platform, founded in 2020 by Adeolu Akinyi, Bernard Para and Usman Majeed, is based in Lagos and offers Bitcoin-based services such as transfers, storage and loans across Africa.
