ADVERTISEMENT

Major crypto exchange leak exposes user wallets, passwords

The unprotected database revealed millions of records ranging from two-factor authentication codes and hashed passwords to wallet addresses. What’s worse, the data has been accessible for months.

NCX exchnage leaks user data
Vilius Petkauskas
Vilius Petkauskas Deputy Editor
Oct 28, 2025 Updated: 8 December 2025 2 min read
“This leak casts serious doubt on those claims, especially regarding user privacy and operational security,”
the team explained.

What NCX data was exposed?

  • Full names, usernames, and dates of birth
  • Email addresses
  • Links to user-uploaded identity documents (KYC)
  • Two-factor authentication (TFA) codes and URLs
  • Internal API keys
  • IP addresses
  • Hashed passwords
  • Profile photo URLs
  • Secret keys (obfuscated or encoded)
  • Wallet addresses and related blockchain transaction info
  • Deposit/withdrawal history, currency types, block statuses
  • Admin support logs and Help Center communications
NCS data leak
Sample of the leaked data. Image by Cybernews.
ADVERTISEMENT

What should NCX’s users do?

  • Immediately take the MongoDB instance offline or restrict access via firewall
  • Require credentialed access and enable encryption in transit
  • Rotate exposed 2FA keys and invalidate secret URLs
  • Notify affected users and regulatory bodies
  • Perform a full forensic audit to determine the scope of compromise
  • Migrate from exposed endpoints to secure cloud-managed solutions with access control

  • Leak discovered: August 3rd, 2025
  • Disclosure sent: August 3rd, 2025

ADVERTISEMENT