Swedish Cryptocurrency Exchange Experiences Security Breach
QuickBit cryptocurrency exchange recently experienced a data breach, which affected about two percent of its customers. In an updated report on July 22, 2019, the company said the breach was as a result of a third-party system upgrade, but customers’ accounts and transactions were still safe and intact.
Third-Party System Upgrade Exposed Customers’ Data
According to QuickBit, a Swedish cryptocurrency retailer, the security breach occurred during a security upgrade for customer screening. The upgrade made customers’ database exposed and vulnerable to hackers for exploits.
However, the company said that protective measures have been taken to prevent a similar occurrence. According to the update:
“QuickBits technicians have immediately taken steps to ensure that all servers are protected behind firewalls, and prevent the possibility of similar incidents. We want to emphasize that the data that has been accessed cannot be used to harm either the Company or its customers”.
The incident was first discovered by tech reporter and VPN expert, Paul Bischoff, and technology website, Comparitech. Per the report released on July 22, 2019, the pair noticed the security breach on July 2, 2019.
Furthermore, the report written by Paul Bischoff stated that then issue happened as a result of an exposed MongoDB database devoid of authentication. Also, the database was vulnerable for six days before QuickBit took action.
In addition, over 300,000 customers were at risk and personal information revealed include full name, address, date of birth, gender and transaction amount. Other details include email address, profile level, payment information, source currency, and target currency.
While the QuickBit update also stated that name, address, email address, and incomplete card information, the crypto exchange stated that about 2 percent of customers were affected.
Furthermore, Bischoff wrote:
“Perhaps the most concerning part of this leak is the 143 records that contained things like user IDs, passwords, and secret phrases. Depending on the platform setup and who this information pertains to, this data could potentially give malicious parties full access to registered accounts.”
But the Swedish company declared that despite the breach, financial transactions, passwords and security numbers, crypto wallets, and credit card information were still safe.
Data Breach: Still a Cause for Concern
While QuickBit and its customers are lucky that attackers didn’t get hold of the leaked database, a Shangai Hotel wasn’t so lucky. According to the report, the hotel suffered a data breach that leaked 500 million pieces of personal data and booking information. Attackers thereafter sold the information on the dark web market for eight BTC.
In April 2019, a member of the Federal Communications Commission (FCC) called on regulators to pay more attention to data breaches.
Also, a report by Upguard revealed that over 540 million records of Facebook’s users’ information were found on insecure public storage third-party servers.