Skip to main content

A recent investigation has revealed that, a prominent Iranian cryptocurrency trading platform, accidentally exposed the personal data of nearly 230,000 users. This incident occurred due to a misconfiguration in the platform’s cloud storage system.

Cybernews conducted the investigation and discovered that left its high-performance object storage system instance unsecured. This oversight led to the unintended public access to cloud storage containers holding the platform’s Know Your Customer (KYC) information.

The exposed data included users’ written consents to regulations and sensitive personal details, such as passport, ID, and credit card information. Despite the significant security lapse, a spokesperson from refuted the claims of a data breach.

“The reference to a misconfigured MinIO instance granting access to S3 buckets containing KYC data is wholly untrue and does not align with our system architecture or security protocols. We can confirm that our MinIO setup and cloud storage containers remain secure, and there has been no unauthorized access to any sensitive user data,” stated Hossein Amini, a security engineer at

While Amini reassured the safety and security of user data, Cybernews advised concerned users to contact’s support for more information. is among several Iranian crypto exchanges that have seen significant transaction volumes in 2022. According to a report by TRM Labs, these exchanges, including, Excoino, and Aban Tether, were responsible for 12% of the total funds transferred to Iranian exchanges during the year. The report further noted that the majority of these funds came from external exchanges, followed by smart contracts and unhosted wallets.