Bitrefill cyberattack don expose 18,500 records and hot wallets

Di attack wey happen for Bitrefill on March 1, 2026 start because one staff laptop comot compromised. Na so attackers take fit reach production keys and commot money from plenty hot wallets. The matter show about 18,500 transaction/purchase records. One leaked dataset carry email addresses, crypto payment addresses, part IP data, and full names for like 1,000 records. Bitrefill talk say the data bin encrypted, but dem warn say attackers fit don get decryption keys, so every compromised record dey treated as maybe risk. Bitrefill talk say KYC information no suffer because identity verification dey stored off-platform with third-party provider. The company still talk say attackers no access user accounts or collect financial verification documents. Dem blame the intrusion on Lazarus Group, wey dem report use old login credentials and one unused access credential to waka laterally inside im infrastructure, including suspicious orders wey dem route through in-platform gift card suppliers. For traders, na mainly platform security issue: Bitrefill cyberattack claims wallet exposure and operational losses, but e no mean say major on-chain assets widespread compromise. Services dem take offline and later mostly restore by March 17 after internal review and security overhaul, with the firm cover losses from im own funds and improve controls, logging, and incident response.