Liquid, the 16th largest cryptocurrencycryptocurrency exchange by volume, today disclosed details about a hack that exposed its customers’ personal information, possibly including names, addresses and encrypted passwords.
Update on security incident from 13 November 2020.
Having contained the attack, reasserted control of the domain, and performed a comprehensive review of our infrastructure, we can confirm client funds are accounted for and remain safe and secure. https://t.co/ebbLd6eprB
In a blog post, Mike Kayamori, CEO of the cryptocurrency exchange Liquid, said that hackers on November 13 wrestled control over one of Liquid’s domain names (quoine.com, the site of Liquid’s Japanese parent company), after hacking into its domain name hosting provider.
This allowed the hacker to control company email addresses; now inside the systems, the hacker “was able to partially compromise our infrastructure, and gain access to document storage,” said Kayamori.
Nov 13th our https://t.co/hwniBQoyk5 domain was compromised via our DNS provider. We revoked all API tokens issued prior to today, which have no IP whitelist applied. If your API key was revoked, create a new API and request to whitelist your IP address: https://t.co/RiJfeEkoTF
Kayamori said that they “intercepted and contained the attack,” took further action to protect its customers, and informed the police.
He said that customers' funds are “accounted for, and remain safe and secure,” and that cold-storage crypto wallets weren’t compromised.
However, Kayamori believes that the hacker stole personal information about its customers. “This may include data such as your email, name, address and encrypted password,” he said.
Kayamori said the firm is unsure whether the hacker also accessed ID photos, selfies and proof of addresses used for identity checks. Liquid accepts credit card and bank statements as proof of addresses.
To his customers, Kayamori said, “It is also possible that you may experience an increase in spam email and phishing attempts. Phishing attempts may be more sophisticated and difficult to detect when a malicious actor has access to your personal information.”
Change your passwords, folks.
Daily Debrief Newsletter
Start every day with the top news stories right now, plus original features, a podcast, videos and more.
Crypto exchange Bullish has submitted paperwork for an initial public offering to the Securities and Exchange Commission, according to a report from the Financial Times, citing sources familiar.
The move marks its second bid to go public, following an initial attempt in a $9 billion merger with a special purpose acquisition company, Far Peak, in July 2021.
Those prospects went dim by late 2022, with aspirations later called off due to prevailing “time constraints and market conditions.”
These T...
About three in five Fortune 500 companies are working on blockchain initiatives, Coinbase found in its State of Crypto second quarter report based on questions posed to executives from these firms.
Roughly half the participants said that their companies had increased spending on blockchain while one in five said it was a key part of their firms' strategies, although many also expressed concerns about regulation.
"So, the future of money is here and it has only just begun," the report said. "But...
American Bitcoin, a bitcoin mining firm backed by Donald Jr. and Eric Trump, has amassed 215 Bitcoin since its debut in April, according to a recent disclosure from the company to the U.S. Securities and Exchange Commission.
In a filing dated June 6, the digital asset mining firm disclosed it had 215 Bitcoin in its reserves as of May 31.
The tokens are worth $23.7 million based on current prices. Bitcoin was recently trading at $110,300, according to the same data provider, CoinGecko’s data sho...
