AU10TIX, an Israeli company that verifies IDs for clients like TikTok, X, and Uber, accidentally left important admin credentials exposed for over a year. This company uses photos of faces and driver’s licenses to verify identities, which could have been accessed by hackers. Mossab Hussein from the cybersecurity firm spiderSilk discovered this exposure and criticized AU10TIX for not protecting people’s sensitive information properly.
The exposed credentials gave access to a platform with links to identity documents. There is evidence that hackers may have found and used these credentials. They were likely stolen by malware in December 2022 and appeared on Telegram in March 2023. 404 Media found many passwords and tokens linked to an AU10TIX manager.
If hackers accessed this data, it could include names, birthdates, nationalities, ID numbers, and document images, which is enough for identity theft. Hackers could use this information to cause serious harm by logging in and misusing the data.
AU10TIX admitted the mistake but said there’s no evidence the data was exploited. They have notified affected customers and are upgrading to a more secure system. Some clients, like Upwork, had already switched providers before this breach was known. Others, like Fiverr and Coinbase, said they aren’t aware of any data exposure but still work with AU10TIX. X started using AU10TIX in September for verifying premium users.
This incident is part of a larger trend where hackers steal customer data and sell it on platforms like Telegram and the dark web. Other organizations, including AT&T, LoanDepot, and the US Department of Defense, have faced similar issues, highlighting the need for stronger cybersecurity measures to protect sensitive information.