Overview

• Forteil, which operates Bonify, confirmed criminals accessed identification data from the Videoident process, including ID documents, address details, and photo or video recordings.
• The company said passwords, bank or payment credentials, and Schufa credit information were not compromised.
• The number of affected users, the timeframe of exposure, and the technical origin of the breach remain unknown, with investigations involving HBDI, BaFin, and law enforcement underway.
• Reporting indicates the compromise centers on Videoident materials handled via the third‑party provider IDnow, though there is no confirmation the leak occurred at the vendor and an insider or other vector has not been ruled out.
• Affected customers were notified by email and offered six months of free identity‑protection monitoring, while Forteil acknowledged an extortion demand and no confirmed sale of the data has surfaced.