A UK bitcoin vendor may have suffered a security breach, temporarily exposing customer data to the public.

Visitors to the website for CoinCut, based in London, were able to access directories that included images of passports, credit and debit cards and personal IDs. The site was taken offline, and it is unclear how long the information was publicly available.

CoinCut representative Dax Chan said that the team is “treating this as malicious”, adding that further investigation is taking place at this time.

He explained:

“We’re trying to figure out how that particular directory was made visible to the world – and how the problem leaked out so promptly given that we’re a moderately small bitcoin vendor in the grand scheme of things.”

As credit and debit card information was publicly viewable, CoinCut customers should monitor card activity for suspicious transactions.

The leak of personal information could also potentially raise the risk of identity fraud for those affected.

CoinDesk will continue monitoring this developing story.

Security lock image via Shutterstock

The leader in blockchain news, CoinDesk is a media outlet that strives for the highest journalistic standards and abides by a strict set of editorial policies. CoinDesk is an independent operating subsidiary of Digital Currency Group, which invests in cryptocurrencies and blockchain startups.