On Tuesday, Bitrefill, a Swedish company that lets people shop online using cryptocurrency, announced it was hacked on March 1, 2026. The company believes the attack was carried out by North Korean hackers associated with a well-known hacking group called Lazarus.
The company published a report explaining the recent security breach. The breach led to some users’ funds being stolen and a limited amount of their personal information being exposed.
18,500 Purchase Records Exposed
Bitrefill announced on X (formerly Twitter) that the recent attack showed signs similar to those used by the North Korean hacking groups Lazarus and Bluenoroff in past attacks.
The attack started when hackers gained access through a Bitrefill employee’s laptop. They stole an old username and password, which let them get into confidential information, including important details about how Bitrefill operates. This initial access then allowed them to move further into Bitrefill’s systems, databases, and digital wallets.
The cyberattack began when the team spotted unusual gift card purchases, suggesting someone was misusing the company’s stock. This led to attackers gaining access to some of the company’s digital wallets and stealing funds by sending them to accounts they controlled.
Bitrefill stated that their investigation suggests customer data wasn’t the main goal of the security breach.
The company stated that attackers didn’t appear to have gotten into the main database. Instead, they ran a few searches, probably to see if they could find valuable information like cryptocurrency or gift card balances.
The company has confirmed a data breach affecting around 18,500 customer purchase records. The information accessed was limited to things like email addresses, cryptocurrency payment addresses, and technical details such as IP addresses.
In about 1,000 transactions, customers entered names for their products. Although this data was encrypted, the attackers might have gotten access to the keys used to protect it.
Bitrefill Strengthens Cybersecurity Post-Attack
Following the recent cyberattack, Bitrefill is strengthening its security. They’re having independent experts carefully examine their systems and test for weaknesses, and are putting those experts’ suggestions into practice.
The platform is also enhancing its security by limiting who can access internal systems, boosting its ability to track and identify potential problems, and improving how it reacts to and resolves security incidents, including automatically shutting down systems when necessary.
Bitrefill has been working with leading security professionals, incident responders, blockchain analysts, and law enforcement to fully investigate the recent security breach and strengthen its defenses against future incidents.
The company announced that things are getting back to normal. They’re fixing issues with payments, making sure products are in stock, and restoring full access to accounts. The Bitrefill team added:
Bitrefill was created with situations like this in mind, and we’re prepared to handle it. We have enough funding and have been profitable for years, so we can cover these losses without impacting our business. We’re committed to continuing to earn your trust.
Read More
- CookieRun: Kingdom 5th Anniversary Finale update brings Episode 15, Sugar Swan Cookie, mini-game, Legendary costumes, and more
- Gold Rate Forecast
- How to get the new MLBB hero Marcel for free in Mobile Legends
- 3 Best Netflix Shows To Watch This Weekend (Mar 6–8, 2026)
- American Idol vet Caleb Flynn in solitary confinement after being charged for allegedly murdering wife
- eFootball 2026 Jürgen Klopp Manager Guide: Best formations, instructions, and tactics
- Alexa Chung cements her style icon status in a chic structured blazer and leather scarf belt as she heads to Chloe afterparty at Paris Fashion Week
- Marilyn Manson walks the runway during Enfants Riches Paris Fashion Week show after judge reopened sexual assault case against him
- Brent Oil Forecast
- Chris Hemsworth & Tom Holland’s ‘In the Heart of the Sea’ Fixes Major Marvel Mistake
2026-03-18 05:12