AU10TIX, an Israeli-based cybersecurity firm specializing in real-time identity verification solutions, manages identity verification for social platforms like TikTok, X, LinkedIn, and Coinbase. However, the company recently faced a security breach that exposed administrative credentials for over a year, granting unauthorized access to sensitive data, including identity documents.
According to 404Media, threat actors gained access to the exposed credentials and potentially viewed personal information such as name, date of birth, photograph, nationality, and identification number. This information was obtained through malware in December 2022 and shared on a Telegram channel in March 2023. AU10TIX has acknowledged the potential accessibility of the data but denies any reports of malicious use.
Among AU10TIX’s clients are popular digital services like TikTok, X, Uber, LinkedIn, PayPal, and Coinbase. Some clients had already discontinued using the firm’s services before the security breach occurred, according to reports. AU10TIX is taking steps to enhance its security measures, such as changing its operating systems, and has informed affected parties about the incident.