Data leak at Sumsub
In February 2026, identity-verification (KYC) provider Sumsub disclosed a 2024 breach — undetected for ~18 months — in which an attacker reached a customer-support environment and exposed the names, email addresses and phone numbers of clients of crypto and fintech platforms it serves.
- Victim
- Sumsub