Using its Facebook page to connect with global customers, Atlas Quantum, a cryptocurrency investment platform, announced a security incident that exposed the personal details of about 261,000 users, according to Have I Been Pwned.
The company said that it learned of a security incident on Saturday, 25 August, and that it is both investigating the incident and working with the proper authorities, though the disclosure provided little details about the event.
“We would like to point out that this is not a steal of bitcoins in custody or violation of our accounts in the exchanges. However, our customer base was exposed. At the time of the incident, we took immediate steps to protect the database and passwords and private keys remain encrypted,” Atlas Quantum wrote.
The compromised information includes names, phone numbers, email addresses and account balances of Atlas Quantum users. “The Atlas Quantum data breach suggests that crypto services remain a high-profile target for hackers. Even those who do not actively use the platform to store or invest in crypto may have had their personal data exposed,” said Anurag Kahol, CTO, Bitglass.
“For companies like Atlas that store mass amounts of user data, reputation and user data security are closely tied. Quickly identifying the cause of this breach and mitigating the threat of further data loss is a critical next step for Atlas and prevention should be top of mind for all companies that store high-value data."
Hackers don’t discriminate when it comes to attack vectors, and financially motivated criminals will target cryptocurrency platforms looking for sizable payouts.
“It is important that organizations have the right tools in place to know where vulnerabilities exist and what they can do to prevent their customers’ data from being compromised. Cryptocurrency platforms need to be taking precautions, as the number of incidents like this seems to be increasing,” Jonathan Bensen, director of product management and acting CISO, Balbix.
If you found this article insightful, why not watch our #InfosecWebinar on Malware in IoT, Crypto-coins & Smart Devices