Bitrefill blames North Korea-linked Lazarus hacker group for compromising 18,500 purchase records
Bitrefill suffered a cyberattack by the Lazarus Group, exposing 18,500 purchase records, but the company will cover the losses.Summary
Cryptocurrency platform Bitrefill has attributed a recent cyberattack to the North Korea-linked Lazarus Group. The breach, which occurred on March 1, 2026, compromised parts of Bitrefill’s infrastructure and cryptocurrency wallets, resulting in the exposure of approximately 18,500 purchase records containing email addresses, payment addresses, and IP addresses, with around 1,000 also including encrypted usernames. The attackers gained access through a compromised employee laptop and exploited vulnerabilities in the company’s gift card inventory and supply chains. Bitrefill has stated it will cover the financial losses from operational capital and has implemented enhanced security measures, including penetration testing and improved access controls. While customer data was accessed, the company believes it wasn't the primary target and advises caution regarding suspicious communications.
(Source:CoinDesk)