Skip to content

Incidents involving:

Sumsub

Data breachContained

Data leak at Sumsub

In February 2026, identity-verification (KYC) provider Sumsub disclosed a 2024 breach — undetected for ~18 months — in which an attacker reached a customer-support environment and exposed the names, email addresses and phone numbers of clients of crypto and fintech platforms it serves.

Victim
Sumsub