Possible being investigated infringement data in the UK Bitcoin exchange CoinCut, which exposes sensitive customer data, including passport and data card, publicly.
Last week's visitors were obviously able to access directories that included passports, personal IDs, and credit and debit cards.
The company's spokesman, Dax Chan, said the company was treating the incident as "malicious".
"We are trying to understand how this directory has become visible in the world - and how the problem has leaked so quickly, as we are a relatively small Bitcoin vendor in a huge market," he said, according to CoinDesk.
If he is right, CoinCut customers may be in danger theftof their identity or their possible tracking by phishing attacks, as the stolen data will leak into the cyber "criminal underground" and into the hands of online fraudsters.
Robert Hansen, vice-president of WhiteHat Safety, argued that the incident is not unusual.
“I've seen a number of apps that have similar vulnerabilities. It is very common for websites to store sensitive information in publicly accessible Web directories,” he added. "It is a trivial attack to create a cross directory or traverse the names of files to determine what other things may be in the same catalog.”
He added that it is strange for CoinCut to claim he was surprised by the speed of data leakage.
“Leaks of information from people who want to use a pseudo-anonymous currency are perhaps some of the most valuable data on earth for ghosts, adversaries, and the security research community,” he claimed.
Security concerns remain one of the most important barriers to the absolute adoption of Bitcoin, with incidents that serve only to reinforce the second thoughts about crypto-currency.
