A threat actor claims they cracked into one of Europe’s biggest crypto platforms and made off with millions of users’ sensitive data. Bitpanda is calling it fake.
A threat actor is claiming to have orchestrated a massive breach of Bitpanda, one of Europe’s biggest crypto platforms, and exfiltrated the sensitive data of over 5.4 million verified users. The Austrian-based broker is currently valued at over $4 billion.
In a post on a well-known cybercrime forum published on June 29th, 2025, the threat actor claimed to have infiltrated Bitpanda’s “Tier 1 infrastructure” and is now selling what they call a “fresh dump” – not recycled, not reused, and not compiled from a previous leak.
Full names, IP addresses, wallet info, KYC status, and IBANs for $15,000 are said to be among the allegedly stolen data. The seller even provided a 200-record sample to back up the claims, name-dropping a swath of European countries allegedly affected by the breach, including Germany, France, Italy, Spain, and Austria.
Cybernews has contacted Bitpanda regarding the case, and the company’s security team dismissed the claims. After conducting an internal investigation, the company stated that there was no unauthorized access to its systems, and user data remains fully secure.
“We’re aware of the recent claims suggesting a data breach at Bitpanda. To be absolutely clear: these claims are false,” the company’s spokesperson told Cybernews.
“Security is our top priority. We understand that such reports can create concern, and that’s why we act with full transparency. If there were ever any risk to our users’ data or assets, we would communicate it immediately and openly."
This kind of false flag isn't new in the underworld of stolen data markets. Claiming to have breached a high-profile target can spike a seller's visibility, boost credibility, and drive prices up, especially if buyers believe they’re getting fresh access to sensitive data.
“We often see invalid, combined data for sale by threat actors, especially attached to big names like Bitpanda, as in this particular case,” said the Cybernews research team.
“Data combinations of cryptocurrencies can often pass as valid data because traders rarely stick to one platform – they usually register on at least a few," the team added. According to them, such data is often used for targeted phishing campaigns to steal cryptocurrencies and their seed phrases and is rarely double-checked for full validity.
Big names keep popping up on the cybercrime forums. Just last month, hackers claimed to be sitting on tens of millions of stolen telecom records from Claro and Movistar. In a statement to Cybernews, Claro also called the claims fake.
Updated on July 2nd with Bitpanda's comment.
Your email address will not be published. Required fields are markedmarked