Ransomware victim disclosure
← All victimsTransak.com
Claimed by Stormous · listed 2 years ago
Status timeline
- ListedOct 31, 2024
- Data leakeddate unknown
At a glance
- Group
- Stormous
- Status
- Data leaked
- Country
- United Kingdom
- Sector
- Financial
- Listed on leak site
- Oct 31, 2024
- Data size
- 300 GB
About the victim
AI dossier — public-source company profileTransak is a developer-focused fiat-to-crypto onramp platform operating in the United Kingdom (FCA-authorized) and United States (MSB-registered). The company provides SDKs and APIs enabling users to buy and sell cryptocurrency across 64+ countries and 600+ integrated apps including MetaMask, Uniswap, and Trust Wallet.
- Industry
- Cryptocurrency & Fintech / Payment Processing
Attack summary
Severity: critical — Confirmed exfiltration of 300GB of sensitive PII and KYC data at scale (government IDs, financial records, biometric selfies) from a platform serving hundreds of thousands of crypto users globally. This represents regulated financial KYC information with direct identity and fraud risk.Stormous claims to have exfiltrated 300GB of data from Transak, including sensitive KYC documents (government-issued IDs, proof of address, financial statements, and user selfies). The group has published the data without disclosing ransom demands.
Data the group says was taken
AI dossier — extracted from the leak post- Government-issued ID documents
- Proof of address documentation
- Financial statements
- User photographs (selfies)
- KYC records
What the group claims
Data Size: 300GB, Status: ?, Data Type: We have extracted more than 300GB of data, which includes sensitive personal documents such as government-issued IDs, proof of address, financial statements, and user selfies
Sources
- Victim sitetransak.com
Source
Indexed 2 years agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

