Focus Mode
Cyber Attack

Threat Actor Leaks KYC Data of Embily Crypto and Fractal ID

DailyDarkWeb

Threat Actor: UnicornLover67 | UnicornLover67
Victim: Embily.com | Embily.com
Price: Negotiable (to buy back data)
Exfiltrated Data Type: KYC Data

Key Points :

  • The threat actor claims to have dumped all KYC data from Embily, including personal information and identification documents.
  • The hacker provided sample PDFs demonstrating the scope of the data, which includes sensitive personal details.
  • The actor suggests that Embily should negotiate to buy back the data to prevent further exposure.

Threat Actor: UnicornLover67 | UnicornLover67
Victim: Fractal.id | Fractal.id
Price: Negotiable (to buy back data)
Exfiltrated Data Type: KYC Records

Key Points :

  • The threat actor claims to have stolen 55,000 KYC records from Fractal.id, including names, emails, and physical addresses.
  • The stolen data also contains scans of physical documents and liveness videos.
  • The hacker is awaiting a response from Fractal.id regarding a potential buyback of the stolen data.

A threat actor using the handle “UnicornLover67” claims to have dumped all KYC (Know Your Customer) data from the crypto bank visa card provider, Embily.com. The hacker has provided five sample PDFs to illustrate the scope of the data, which includes:

  • Personal information: First name, last name, gender, birthdate, country, nationality, personal ID, document number (passport/driving license), document issue date, and expiry.
  • Registration details: Email, phone number, IP address, device type, browser, etc.
  • Identification documents: Front and back of IDs, selfies.
  • Verification details: Face match evaluation, validation checks, registry checks, liveness video, document photo.

The hacker suggests that Embily.com should contact them to buy back and delete the data to prevent further exposure.

Second Alleged Data Breach: Fractal.id

In another post, the same threat actor targets Fractal.id, claiming to have stolen 55,000 KYC records. The stolen data includes:

  • Personal information: Names, emails, phone numbers, physical addresses, crypto wallets, scans of physical documents.
  • Additional details: Date of birth, scan details, liveness videos.

The hacker has mentioned that they will upload a censored sample and is waiting for Fractal.id to confirm or deny if they want to buy back the data. The hacker advises Fractal.id to buy the data back to ensure it is deleted securely.

Both breaches highlight the critical need for robust cybersecurity measures and immediate action by the affected companies to mitigate potential damage.

The post Threat Actor Claims to Have Leaked KYC Data of Embily Crypto and Fractal ID appeared first on Daily Dark Web.

Tags: BROWSER, EMAIL, BANK, CRYPTO, DARK WEB