[Updated]Austrian Crypto Giant Bitpanda Allegedly Breached – 5.4 Million User Data for Sale

Vienna-based fintech unicorn, Bitpanda, is allegedly the latest victim of a significant data breach, with a threat actor claiming to have exfiltrated the data of 5.4 million verified users across Europe. Bitpanda, a leading European cryptocurrency broker valued at over four billion dollars, offers trading in cryptocurrencies, stocks, and precious metals to its millions of customers. The company, founded in 2014, is a fully regulated and licensed platform, making the alleged breach a serious concern for the security of its users’ sensitive financial and personal information.

The individual claiming responsibility for the breach alleges that they personally infiltrated Bitpanda’s Tier 1 infrastructure on June 29, 2025, and is now selling the freshly dumped data. The seller emphasizes that this is not a resold or previously leaked database. The data is said to be from a “True Tier 1 source,” implying direct access to internal systems. The alleged hacker has set a price of $15,000 for the entire database and has provided a sample of 200 records to prove their claims. The countries impacted are said to span the European Economic Area, including Germany, France, Spain, Italy, and Austria.

The compromised information allegedly includes a wide range of personally identifiable information (PII) and financial data. The threat actor has listed the following data types as being part of the leaked database:

• Full Name
• Country
• Phone Number
• IP Address
• IBAN / Wallet
• Registration metadata
• Tier level + KYC status

As of the time of this report, Bitpanda has not released any official statement confirming or denying the alleged data breach. The claims are solely based on the assertions of the individual selling the data on a hacking forum.

Updated:

We are adding the relevant company’s statement to our news article.

• There was no unauthorized access to any Bitpanda system.
• No customer data has been compromised.