Zondacrypto client data end up for sale on the darknet

Customer data from the failed exchange Zondacrypto, one of the largest in Poland and the region, has reportedly ended up on the darknet.

News of the leak comes after the platform halted withdrawals amid liquidity issues, followed by the suspected disappearance of its chief executive.

Zondacrypto client information sold for cheap to fraudsters

Personal details of traders on Zondacrypto, a major exchange on the Polish market, can now be purchased for a few hundred euros on the darknet, according to local reports.

The leak from the coin trading platform’s customer database, which is yet to be officially confirmed, adds to the troubles with the Estonia-registered crypto service provider.

Zonda’s website has been down for days, and when it’s back online, logging into accounts has been next to impossible, as per the leading Polish crypto news portal, Bitcoin.pl.

That’s after the exchange stopped processing client transactions earlier this month, most notably withdrawals, following media revelations that its reserves had been almost fully depleted.

User data has now been put up for sale, news articles and social media posts claim. Rafał Łapać, a Polish game developer and crypto enthusiast, recently took to X to unveil:

“I received information from a trusted person working in cybersecurity: Zonda’s customer database has already ended up on the darknet.”

Two sets of information have been offered, he added. The smaller, cheaper package, which includes email addresses and other basic identification data, can be bought for as little as 550 euros.

The larger and more expensive file contains much more, including scans of ID documents, verification selfies, login histories, and wallet addresses. Its price is approximately 0.6 BTC.

The comprehensive set can be a desired tool for cybercriminals, who can use it to impersonate people and commit serious financial fraud, experts in the field say.

The information can be employed to open bank accounts, take out loans, or sign contracts without the victims’ knowledge, they elaborated, listing the potential consequences.

Zonda users advised to do what they can to protect their data

If the reported security breach proves real, Zondacrypto customers can still take certain measures to prevent further damage.

One option is to block their PESEL number, the unique identification code issued to Poles, which features basic personal info such as date of birth and gender.

This can be done quickly and free of charge through mObywatel, the app that allows citizens and residents of Poland to securely store identity documents in digital format and access government services through their mobile devices.

On Wednesday, Bitcoin.pl also advised readers who traded on the troubled exchange to change their passwords for all services, for which they used the Zonda login details, and enable two-factor authentication.

The website also urged crypto investors to be wary of offers for recovery of lost funds, as these may be merely attempts to steal what’s left of their money.

Clients of the Polish-rooted platform, which operates under an Estonian license, can also apply for state compensation in both countries, the financial news outlet Bankier.pl reported last week.

According to law enforcement authorities, some 30,000 people may have been affected by the collapse of the exchange, with their losses exceeding 350 million złoty (over $95 million).

Zondacrypto saga continues to unfold

The problems at Zondacrypto started after media reports quoted an analysis by the market intelligence firm Recoveris showing that the platform had lost over 99% of its reserves.

While rejecting claims the exchange is at the brink of insolvency, its CEO Przemysław Kral admitted the company did not have access to a wallet with 4,500 BTC, worth over $330 million. He blamed the founder, Sylwester Suszek, for never handing over the key before he went missing in 2022.

Zond is also at the heart of a major political conflict in Warsaw between the government led by Prime Minister Donald Tusk and President Karol Nawrocki.

They are clashing over the future of cryptocurrency regulation in Poland, which is yet to implement the EU’s Markets in Crypto Assets (MiCA) rules.

The smartest crypto minds already read our newsletter. Want in? Join them.