BlockFi, a popular cryptocurrency lending platform, informed its customers on Tuesday that it had a “temporary” data breach, putting some client’s data at risk.
The breach happened on May 14 and, according to the exchange, the breach lasted for over an hour before the root cause of the unauthorized intrusion was found and it was stopped.
The platform also stressed that no critical customer data including funds were compromised.
“BlockFi was able to confirm that no funds, passwords, social security numbers, tax identification numbers, passports, licenses, bank account information, nor similar non-public identification information was exposed as a result of this incident,” the official announcement detailed.
The compromised data include customer name, email, date of birth, and physical address linked to the accounts, along with all transaction information.
Introducing NextV - The Full Scope Solution To Building Your Next Virtual EventGo to article >>
Zac Prince, the platform’s CEO, also confirmed that the breach impacted less than half of their retail clients and no institutional clients were affected.
A classic hack
The official intimation detailed that the perpetrators compromised the phone of a BlockFi employee to gain access to a portion of the platform’s “encrypted” back-office system. This is a classic example of a SIM port hack and it uses the vulnerability of the cell phone carrier.
“Based on the unauthorized third party’s actions, it appears that the perpetrator attempted to make unauthorized withdrawals of client funds using the BlockFi platform, but was unsuccessful in doing so,” BlockFi state
“However, the unauthorized third party was able to access BlockFi client information typically used by BlockFi for retail marketing purposes throughout the duration of this incident.”
In response to the breach, BlockFi has now tightened its security measures including limiting employee access to customer information, security updates to employee mobile phones, enhanced security audits, and also upgraded its incident response trigger protocol.
“We are constantly reviewing and improving our systems and security processes and will be accelerating efforts in a number of areas as a result of this activity,” the company stated. “In addition to ongoing development of our systems, we are actively researching options for us to contribute to the cybersecurity efforts of the cryptocurrency industry more broadly.”