X, Coinbase User Data Potentially Exposed As KYC Provider AU10TIX Left Admin Credentials Open for 18 Months

- The leak occurred in December 2022, and it is believed that malware accessed the admin account. The account details have been shared in Telegram hacker communities since March 2023.

- The exposed admin credentials provided access to a logging platform containing links to identity documents, including user names, dates of birth, nationalities, ID numbers, and images of uploaded documents.