The Nansen crypto analytics platform revealed this Friday (22) that there was a data leak at one of its outsourced suppliers. The security incident resulted in the compromise of information such as emails, password hashes and some blockchain addresses.
According to the statement issued by Nansen, the leak impacted 6.8% of its users, who had their email addresses exposed. The report added that there was also exposure of a smaller subset of password hashes and blockchain addresses from some accounts. Therefore, it is recommended to be alert to possible phishing scams spread via email.
A phishing attack is a type of cybercrime technique where scammers manipulate victims to obtain confidential information. In general, they try to impersonate legitimate institutions and send malicious links via email or other means to obtain sensitive data from victims, such as email addresses, banking credentials and cryptocurrency wallet passwords.
Security breach at crypto firm Nansen
Nansen said the breach resulted in it gaining administrator access to an account that was used to provide customer access to its platform. The name of the third-party supplier was not revealed by Nansen. However, the crypto firm encouraged the company to publicly disclose the incident.
According to a post on Nansen’s official X (formerly Twitter) account, the vendor in question is a well-established entity trusted by Fortune 500 companies in the same industry to manage customer data.
The crypto company contacted affected users and encouraged them to change their passwords and beware of phishing attacks. It is worth noting that users’ wallet funds remain unharmed. This is because the crypto company does not request private keys from its users.
Finally, Nansen said it is conducting a full investigation with the vendor and external legal advisors. Furthermore, it said it is “committed to communicating as transparently as possible with our users.”