Bitrefill Hit by Lazarus Group Hack, Over 18,500 Records Compromised

Cryptocurrency payments platform Bitrefill has suffered a major cyberattack at the hands of the North Korea-linked Lazarus Group. The attack compromised over 18,500 purchase records, containing sensitive information such as email addresses, payment addresses, and IP addresses.

According to an investigation by Bitrefill, the attackers gained access to production keys, transferred funds from hot wallets, and exposed customer data. The company has stated that its logs indicate the attackers ran a limited number of queries aimed at cryptocurrency holdings and gift card inventory, rather than extracting the entire database.

Bitrefill operates a global e-commerce business with dozens of suppliers, thousands of products, and multiple payment methods across many countries. The company has acknowledged that this was its first major attack in over a decade of operation, but stressed that it remains well-funded and profitable, capable of absorbing operational losses.