Data Security, Cloud Security

Misconfiguration reveals FTX Japan user info

concept of leaky software, data with a tap sticking out.3d illustration

Cryptocurrency platform FTX Japan had personal and financial information from 35,668 users inadvertently exposed by an unsecured Amazon S3 bucket more than a year after its shutdown, Cybernews reports.

More than 26 million files including financial reports, transaction logs, and user details, such as names and usernames, FTX account IDs, as recent as July 4, 2024 were included in the exposed bucket, which is believed to have continued collecting data following the end of FTX Japan's customer withdrawal obligations in early 2023. FTX Japan has since been purchased and renamed by cryptocurrency exchange bitFlyer into Custodiem. "It is unclear whether the discovered leak belongs to the actively used Custodiem infrastructure, or is an abandoned, unmodified artifact remaining after the FTX collapse. Therefore, it's also not clear if the personal data belongs to the users of Custodiem, or if the data belongs to customers of FTX Japan, who may have refused to transfer to Custodiem after the collapse," noted the Cybernews research team.

An In-Depth Guide to Cloud Security

Get essential knowledge and practical strategies to fortify your cloud security.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.

You can skip this ad in 5 seconds