A possible data breach is investigated at the UK Bitcoin Exchange CoinCut, which displays sensitive customer data, including passport and data card, publicly.
Last week's visitors were obviously able to have access in directories that included images of passports, personal IDs and credit and debit cards.
The company's spokesman, Dax Chan, said the company was treating the incident as "malicious".
"We are trying to understand how this directory has become visible in the world - and how the problem has leaked so quickly, as we are a relatively small Bitcoin vendor in a huge market," he said, according to CoinDesk.
If he is right, CoinCut customers could be at risk of having their identity stolen or possibly being tracked by phishing attacks, as the stolen data will leak into the cyber "criminal underground" and into the hands of online fraudsters.
Robert Hansen, vice-president of WhiteHat Safety, argued that the incident is not unusual.
«Έχω δει μια σειρά από εφαρμογές που έχουν παρόμοια τρωτά σημεία. Είναι πολύ κοινό για τους ιστοχώρους να αποθηκεύουν ευαίσθητες πληροφορίες σε δημόσια προσβάσιμα Web directories», πρόσθεσε. «Είναι μια τετριμμένη attack create a cross-directory or loop through the filenames to determine what other things might be in the same directory.”
He added that it is strange for CoinCut to claim he was surprised by the speed of data leakage.
"Information leaks from people who want to use a pseudo-anonymous (pseudo-anonymous) currency is perhaps some of the most valuable evidence on earth for ghosts, competitors, and the security research community,” he claimed.
Security concerns remain one of the most important barriers to the absolute adoption of Bitcoin, with incidents that serve only to reinforce the second thoughts about crypto-currency.
