According to Foresight News, blockchain identity platform Fractal ID issued an announcement that its engineers discovered a potential data leak on July 14. A third party outside Fractal ID accessed the operator's account without authorization and ran an API script that accessed user personal data starting at 13:14.
The team noticed the attack and took steps to log the attacker out of the system by 15:29. The potentially compromised information included information from Fractal ID user profiles, including names, email addresses, wallet addresses, phone numbers, physical addresses, images of uploaded files, and pictures.
The team has taken steps to mitigate the impact of the breach and implemented additional security measures.