Fractal ID: A third party accessed the operator account without authorization, and the team has logged out the attacker

Odaily News Fractal ID, a blockchain identity platform, announced that its engineers discovered a potential data leak on July 14. A third party outside Fractal ID accessed the operators account without authorization and ran an API script that accessed user personal data from 13:14. The team noticed the attack and took measures to log the attacker out of the system before 15:29. The information that may have been leaked includes information in the Fractal ID user profile, including name, email address, wallet address, phone number, physical address, images and pictures of uploaded files. The team has taken measures to mitigate the impact of the leak and implemented additional security measures.