Gate News reports that on March 30, according to the cybersecurity platform VECERT disclosed on March 28, hackers operating under the name PexRat are selling a database on the dark web containing personal information of 1.5 million users from a certain CEX. The data includes sensitive information such as names, email addresses, phone numbers, KYC verification status, login IP addresses, and two-factor authentication methods. Analysis indicates that this incident was not a direct breach of the exchange’s internal servers, but rather that the attackers bypassed the CAPTCHA mechanism, obtaining data through credential stuffing and automated scraping methods. Affected users face a high risk of SIM card hijacking and phishing attacks. At the time of this incident, the exchange’s institutional OTC trading business is experiencing rapid growth, with trading volume already reaching 25% of the total for the entire year of 2025 within just January and February. This is the second data security crisis the exchange has faced, following the leak of 420,000 account credentials in January.
Disclaimer: The information on this page may come from third parties and does not represent the views or opinions of Gate. The content displayed on this page is for reference only and does not constitute any financial, investment, or legal advice. Gate does not guarantee the accuracy or completeness of the information and shall not be liable for any losses arising from the use of this information. Virtual asset investments carry high risks and are subject to significant price volatility. You may lose all of your invested principal. Please fully understand the relevant risks and make prudent decisions based on your own financial situation and risk tolerance. For details, please refer to
Disclaimer.
