The identity verification company, which works on behalf of TikTok, X and Uber, has released a series of administrative credentials for more than a year. . Israel-based AU10TIX verifies users’ identities using images of their faces and driver’s licenses, potentially exposing both to hackers.
“My personal reading of this situation is that the identity verification service provider was entrusted with people’s identities and failed to take simple measures to protect people’s identities and sensitive identity documents,” Mossab Hussein, chief security officer at cyber security firm spiderSilk, first noticed. arrived. exposed credentials, he said.
A set of exposed admin credentials led to the login platform, which in turn contained links to identity documents. There is even some reason to doubt that bad actors obtain these credentials and actually use them.
According to the timestamps and messages it obtained, they were collected by the malware in December 2022 and posted to the Telegram channel in March 2023. 404 Media. The news organization downloaded the credentials and found multiple passwords and authentication tokens associated with a person listing his role on LinkedIn as Network Operations Center Manager at AU10TIX.
If hackers get hold of customer data, it will include the user’s name, date of birth, citizenship, ID number and images of uploaded documents. It’s almost all an internet gollum needs to steal your identity. All they have to do is grab the credentials, log in, and start wreaking havoc. Yes.
AU10TIX released a statement on the matter, writing that “data is potentially available” but “has seen no evidence that such data has been exploited.” The company said affected customers have been notified and is decommissioning the existing operating system in favor of a new one that focuses more on security.
Some of their partners changed verification companies before this problem appeared. A spokesperson for Upwork said it “has been working with a different service provider for some time now.” X, but registered with AU10TIX and uses government-issued ID cards check premium users. Others, such as Fiverr and Coinbase, said they were not aware of any data breaches, although they still work with AU10TIX.
Dumping customer data on Telegram or the dark web has become the most popular way for hackers to do their job. At the end of March, more than 73 million AT&T passwords . LoanDepot as he did .
