Bitcoin Marketplace Keepchange Suffers Data Breach — No Funds Stolen During the Incident
A bitcoin company is the latest victim of a data breach incident, where hackers managed to access customers’ full names and email addresses. Moreover, attackers sent withdrawal requests from the company customers’ accounts to addresses belonging to the hackers.
Marketplace Warns Users of Phishing Attacks
According to the announcement, Keepchange clarified that attackers stole part of their customers’ data, including trade counts, total traded amount, and passwords in the hashed form.
Although the company stated it’s “very unlikely” the hackers can retrieve the password from the hashed form, they recommend users change passwords.
However, the bitcoin (BTC) company clarified one of their control subsystems thwarted the hacker’s attempts to withdraw money from the user’s accounts affected in the data breach. No BTC was stolen during the cybersecurity incident.
As part of a series of security measures to be deployed, Keepchange says they’ve activated “Login Guard.” After each login, a user will receive an email with a link, which should be opened to access the account.
Also, the company made the following announcement on withdrawals:
Withdrawal requests will be disabled until Thursday so that we can finish our internal investigation, and users have enough time to reset their passwords. From Friday, you can send your withdrawal requests as usual. Deposits and trades are active, and working in the meantime. We have done other required actions in the last hours, to be sure that no similar attacks can occur.
Recent Massive Data Breach Incidents in Crypto Exchanges
Keepchange also warned on phishing attacks that could affect their users, as their data is compromised. Additionally, the firm recommends its customers activate the second-factor password (2FA) feature to access services.
In January 2021, an Indian cryptocurrency exchange was the victim of a massive data leak incident. Hackers reportedly stole sensitive data of about 325,000 users from Buyucoin.
The leaked data includes personal information, encrypted passwords, user wallet details, order details, bank details, PAN numbers, passport numbers, and deposit histories.
What do you think about this data breach incident? Let us know in the comments section below.