AU10TIX, an ID verification company based in Israel that works with TikTok, X, and Uber, among others, has faced a significant security breach, as reported by 404 Media. The company left a set of administrative credentials exposed for more than a year, compromising the security of the identity verification process it manages.
This exposure has potentially opened up users’ personal data, including facial images and driver’s licenses, to hackers. The issue was initially discovered by Mossab Hussein, the chief security officer at the cybersecurity firm spiderSilk, who emphasized the failure of AU10TIX to implement basic security measures to protect sensitive ID documents.
The exposed credentials provided access to a logging platform that contained links to identity documents, raising concerns about unauthorized access and use by malicious actors. Evidence suggests that these credentials were obtained by malware in December 2022 and later posted on a Telegram channel in March 2023.
404 Media, which downloaded the credentials, found numerous passwords and authentication tokens associated with a Network Operations Center Manager at AU10TIX.
If exploited, the compromised data could include a user’s name, date of birth, nationality, ID number, and images of their documents—essentially all the information needed for identity theft.
The ease with which hackers could use the exposed credentials to access and misuse this data underscores the severity of the breach. The potential for such misuse has sparked significant concern among users and partners of AU10TIX.
In response to the breach, AU10TIX stated that the data was “potentially accessible” but claimed there was no evidence of exploitation. The company has informed affected customers and plans to replace its current operating system with one that prioritizes security.
Despite this assurance, some of AU10TIX’s partners, like Upwork, had already switched to different verification providers before the breach became public. X, which began using AU10TIX in September, along with other partners like Fiverr and Coinbase, has not reported data exposure but continues to monitor the situation.
This incident reflects a broader trend where hackers leak customer data on platforms like Telegram or the dark web. Such breaches are increasingly common, as evidenced by recent incidents involving AT&T, LoanDepot, and the US Department of Defense.
The AU10TIX breach highlights the ongoing challenges companies face in securing sensitive personal data and the dire consequences of failing to do so.
