According to ChainCatcher, blockchain identity platform Fractal ID announced that on July 14, 2024, one of its engineers detected a potential data breach in the Fractal ID system. A third party of Fractal ID accessed an operator's account without authorization and ran an API script to access the user's personal data. The Fractal ID team was aware of the attack and took measures to log the attacker out of the system.

The attacker gained access to data of approximately 0.5% of the Fractal ID user base. Potentially affected information includes information in Fractal ID user profiles, which may include names, email addresses, wallet addresses, phone numbers, physical addresses, and images and photos of uploaded documents.

Fractal ID took immediate steps to mitigate the impact of the breach and implemented additional security measures and contacted the relevant data protection authorities and cybercrime police departments. The breach was contained within Fractal ID's environment and did not affect any customer's systems or products using its services.