Crypto.com data leak flagged

A reported leak tied to Crypto.com exposed identity and financial records that customers submit to open and keep accounts. (x.com) The claim surfaced in a post by Daily Dark Web linking the material to Crypto.com users and describing files that included email addresses, identity documents and “source of funds” records. Bloomberg reported in September 2025 that Crypto.com had suffered a previously undisclosed 2023 breach tied to the Scattered Spider hacking group. (x.com) (bloomberg.com) Crypto.com said the Bloomberg report was “unfounded” as a description of an undisclosed breach and said the 2023 incident was a social-engineering attack on an employee account that was contained within hours. The company said the impact was limited to a “small number” of users and that no customer funds were compromised. (cointelegraph.com) (en.cryptonomist.ch) Know your customer checks are the identity checks banks and exchanges use before letting people move money. Crypto.com’s help pages say users may be asked for a government-issued identification document, a selfie and, in some cases, documents showing the source of their funds. (help.crypto.com 1) (help.crypto.com 2) That makes a leak like this different from a password dump. A passport image, face scan, home address or source-of-funds file can be reused in impersonation, account-takeover and social-engineering schemes long after a platform resets a login. (crypto.com) (help.crypto.com) Crypto.com’s United States privacy notice says it collects biometric data from selfies and photo identification documents to verify identity. Its support pages also say customer-authentication checks can require a secure upload of an identity document and a face video. (crypto.com) (help.crypto.com) The dispute around this case has centered on disclosure as much as intrusion. Cointelegraph reported that Chief Executive Kris Marszalek said the company had disclosed the 2023 incident to regulators, while critics focused on whether affected users were told publicly at the time. (cointelegraph.com) (en.cryptonomist.ch) The wider industry has already shown how valuable this data is to attackers. Bloomberg reported in May 2025 that Binance and Kraken were targeted with Coinbase-style social-engineering attacks, and Coinbase said that month that bribed support workers leaked customer data during an extortion attempt. (bloomberg.com 1) (bloomberg.com 2) For Crypto.com users, the immediate question is not only whether a login is safe, but whether documents submitted for compliance are circulating beyond the platform that collected them. Crypto.com says its systems are built on security, privacy and compliance controls, but the reported leak has renewed scrutiny of how financial platforms store and limit access to identity files at scale. (crypto.com) (x.com)