Bitrefill discloses suspected North Korean hacker attack leading to customer data leak, has closed related systems for isolation
Bitrefill, a bitcoin payment service provider, disclosed on X that it suffered a cyber attack on March 1, 2026, resulting in a leak of customer data. The attack originated from an employee's compromised laptop, which gave the attacker access to some databases and cryptocurrency wallets. The investigation shows that the attack method is highly similar to past attacks on crypto companies by the North Korean (DPRK) Lazarus/Bluenoroff hacker groups. The incident involves approximately 18,500 purchase records with limited customer information (email, encrypted payment address, and IP metadata), including around 1,000 records with encrypted customer name information, that may have been accessed. Bitrefill stated that customers do not need to take any specific action but advised them to be vigilant for any unusual activity. Bitrefill added that it has shut down the related systems to isolate them and is working with security experts, blockchain analysts, and law enforcement agencies, with operations almost back to normal. The company emphasized its long-term profitability and said it has sufficient funds to absorb this loss, and that it will continue to strengthen its network security measures, including internal access controls, monitoring, and emergency response mechanisms.