Bitrefill Blames Lazarus Hacker Group for Data Breach: 18,500 Crypto Purchase Records Compromised

Cryptocurrency gift card service Bitrefill has publicly accused the notorious North Korea-linked Lazarus Group of being behind a significant data breach. The company confirmed that approximately 18,500 customer purchase records were compromised in the security incident. Bitrefill stated that the breach exposed information related to purchases made between 2021 and 2024, including transaction values and the types of services bought. The firm emphasized that no sensitive financial data, such as credit card details or cryptocurrency wallet keys, was accessed. Bitrefill has notified affected users and is cooperating with law enforcement agencies to investigate the attack attributed to the Lazarus Group, which is known for targeting the crypto industry to fund state operations.