1. BITBILIHome
  2. Article

Huobi fixes data breach involving sensitive information for 4,960 users

93 views

TL;DR Breakdown

  • Crypto exchange Huobi has fixed its data breach after a massive data leak that allegedly put users’ funds at risk since June 2021
  • The exchange risked exposure of its sensitive information, such as VIP user data and technical infrastructure of the exchange
  • However, it took months for the exchange to respond to the white hat hacker

Description

Crypto exchange Huobi has fixed its data breach after a massive data leak that allegedly put users’ funds at risk since June 2021. The data leak had information on almost all the over-the-counter (OTC) transaction information from 2017 to 2021, with some of the data being VIP user data and information on the technical infrastructure … Read more

Crypto exchange Huobi has fixed its data breach after a massive data leak that allegedly put users’ funds at risk since June 2021. The data leak had information on almost all the over-the-counter (OTC) transaction information from 2017 to 2021, with some of the data being VIP user data and information on the technical infrastructure of the exchange.

Huobi risked exposure of its sensitive information 

White hat hacker and citizen journalist Aaron Phillips disclosed the Huobi data breach. The white hacker explained that an attacker exploiting Huobi’s vulnerability would have had the opportunity to achieve the largest crypto theft in history. Anyone accessing the exchange’s credentials could have changed their domains, including hbfile.net and huobi.com. In addition, their internal documents and user data could be exposed.

According to previous reports, the company handles over a billion dollars daily in trading volume. Hence, users’ accounts and crypto assets would have been stolen if they hadn’t taken action to fix the leak. Phillips emphasized the potential for malicious scripts to be injected into Huobi’s content delivery networks (CDNs) and websites. According to him, the CDNs might have compromised all Huobi login pages, possibly harming anyone who used a Huobi website or app over the previous two years.

The exchange risks exposure to sensitive information, including the contact information and account balances of cryptocurrency users, and it puts customers at risk of losing their accounts and crypto assets. According to Phillips, this includes Huobi’s over-the-counter (OTC) trade data as well as a database of cryptocurrency whales. He confirmed, however, that no breach was carried out using the data leak.

Huobi fixes data breach

According to the exchange, which confirmed the occurrence, it was caused by the appropriate staff members’ irregular conduct in the S3 barrel of the Japanese station’s test environment. On October 8, 2022, all pertinent user data was isolated. 

The exchange asserted that the leakage was small-scale, involving 4,960 individuals. It added that the leaked information did not have sensitive information and never affected user accounts and the security of their assets. 

Huobi further stated that the Huobi Japanese and Huobi Global sites are separate entities. On June 21, 2023, the Huobi Security Team immediately took action after being alerted by a white hat team, instantly closing the associated file access permissions. According to the exchange, the issue has been resolved, and all associated user data has been removed. Huobi has since deleted the affected account, and no users are at risk anymore.

Despite the issue being resolved now, Phillips mentioned that it took months for the exchange to respond, and the leaked data remained online even after he gave Huobi the first notice in June 2022.

Crypto exchanges are prone to data breaches since they have access to a lot of customer data that can be used to steal funds by hackers. Coinsquare, a Canadian crypto exchange, suffered a data breach in November 2022. Its users’ information was exposed, such as phone numbers, names of investors, birth dates, public wallet addresses, and transaction history. However, the exchange affirmed that there were no passwords accessed, and the information is yet to be detected by bad actors.

Gemini Exchange also experienced a data breach that saw 5.7 million users stolen and leaked on hacking forums. Posts advertising the data from the breach first surfaced in September last year, with the data offered for 30 BTC, about $520,000. The same data was posted in November, offering the data and additional data from other exchanges. In another forum, later on, the data was offered for free. Gemini has since asked its clients to implement two-factor authentication and use hardware security keys to prevent hacking and accessing their funds.

The information provided is not trading advice. Cryptopolitan.com holds no liability for any investments made based on the information provided on this page. We strongly recommend independent research and/or consultation with a qualified professional before making any investment decisions.

文章来源于互联网:Huobi fixes data breach involving sensitive information for 4,960 users

Disclaimers:

1. You are solely responsible for your investment decisions and this info is not liable for any losses you may incur.

2. The copyright of this article belongs to the writer, it represents the writer's opinions only, not represents the site's ones. Not financial advice.

Previous 2023年7月5日 12:00
Next 2023年7月5日 13:23

Related articles

  • Founder of defunct Turkish crypto exchange Thodex sentenced to over 11,000 years in prison

    TL;DR Breakdown Faruk Fatih Özer, the founder of the now-defunct Turkish cryptocurrency exchange Thodex, along with his sister Serap Özer and brother Güven Özer, has been sentenced to a staggering 11,196 years, 10 months, and 15 days in prison, as reported by local media. Thodex abruptly ceased operations in April 2021, leaving over 400,000 users bewildered and unable to access their deposits, which amounted to a staggering $2 billion in various cryptocurrencies. Description Faruk Fatih Özer, the founder of the now-defunct Turkish cryptocurrency exchange Thodex, along with his sister Serap Özer and brother Güven Özer, has been sentenced to a staggering 11,196 years, 10 months, and 15 days in prison, as reported by local media. In addition to the prison sentences, the court imposed a judicial fine of … Read more Faruk Fatih Özer, the founder of the now-defunct Turkish cryptocurrency exchange Thodex, along with his sister Serap Özer and brother Güven Özer, has been sentenced to a staggering 11,196 years, 10 months, and 15 days in prison, as reported by local media. In addition to the prison sentences, the…

    Article 2023年9月9日

  • Could Drakes’ and the Weeknd AI-generated song win a Grammy?

    TL;DR Breakdown The fictional collaboration between The Weekend and Drake for “Heart on My Sleeve” song serves a Grammy controversy. Grammy bosses state that that discrediting any material with an AI touch would be unfair. Hence a possible Grammy nomination. However, as it stands, the song is not available commercially and thus not eligible for a Grammy award.  The Drake AI song attracted discussions around the future of AI in the music industry. Is it that the AI generated songs are unethical or is this a legal fight? Description Drake continues to make pop news in the entertainment industry. The “Heart on My Sleeve” TikTok hit sparked controversy earlier this year. A content creator, Ghostwriter, used artificial intelligence to create a fictional collaboration between The Weeknd and Drake.  The viral song Drake was quickly taken down from streaming sites due to legal and ethical … Read more Drake continues to make pop news in the entertainment industry. The “Heart on My Sleeve” TikTok hit sparked controversy earlier this year. A content creator, Ghostwriter, used artificial intelligence to create a fictional…

    Article 2023年9月9日

  • CFTC’s crypto crackdown in Florida, Louisiana, Arkansas

    TL;DR Breakdown The CFTC has initiated legal proceedings against individuals linked to Fundsz for deceptive cryptocurrency and precious metals trading. Fundsz’s associates, based in Florida, Louisiana, and Arkansas, promised implausible returns and associated their venture with charitable initiatives. Over 14,000 individuals were misled with false promises of weekly returns. Description In a notable development, the landscape of the cryptocurrency world has been jolted yet again. The Commodity Futures Trading Commission (CFTC) is displaying zero tolerance, focusing its regulatory radar on individuals linked to an operation identified as Fundsz, a company embroiled in questionable investment solicitations. The heart of the matter lies in their unconvincing assertions … Read more In a notable development, the landscape of the cryptocurrency world has been jolted yet again. The Commodity Futures Trading Commission (CFTC) is displaying zero tolerance, focusing its regulatory radar on individuals linked to an operation identified as Fundsz, a company embroiled in questionable investment solicitations. The heart of the matter lies in their unconvincing assertions and dubious dealings in cryptocurrency and precious metals. Alluring Promises with Hollow Foundations The players in this…

    Article 2023年8月13日

  • What has the Inflation Reduction Act actually done?

    TL;DR Breakdown Inflation Reduction Act (IRA) drives US into the global clean energy spotlight. Massive investments: $84 billion in cleantech projects in a year. Foreign investors, especially South Korea and Europe, aggressively investing in the US. Description It’s been precisely a year, and the reverberations of the Inflation Reduction Act (IRA) are echoing across the global clean energy markets. The United States, once a silent observer, is now dominating the cleantech manufacturing realm. And yet, as we wade through the vast sea of data, billions of investments, and political campaigns, the ultimate … Read more It’s been precisely a year, and the reverberations of the Inflation Reduction Act (IRA) are echoing across the global clean energy markets. The United States, once a silent observer, is now dominating the cleantech manufacturing realm. And yet, as we wade through the vast sea of data, billions of investments, and political campaigns, the ultimate question remains: has the Act genuinely curtailed inflation? The Unexpected Green Boom Forget the silent whispers; the IRA’s impact has been nothing short of thunderous. This monumental $369 billion spending…

    Article 2023年8月18日

  • Cash dash climax? Bank of America’s unexpected view

    TL;DR Breakdown Bank of America suggests that the investors’ trend of opting for cash, prevalent throughout the year, might be nearing its peak. A net outflow of $10 billion from cash over the past two weeks indicates this shift. Tech stocks and high-yield bonds have recently seen strong inflows due to the growing excitement about AI and signs of easing inflation. Description The financial landscape has recently been marked by a scramble towards cash, a reaction to uncertainty and upheaval in the market. However, recent insights from the Bank of America’s global research team suggest we may be witnessing the culmination of this investor sprint. Riding the waves of cash flows Throughout this tumultuous year, investors have … Read more The financial landscape has recently been marked by a scramble towards cash, a reaction to uncertainty and upheaval in the market. However, recent insights from the Bank of America’s global research team suggest we may be witnessing the culmination of this investor sprint. Riding the waves of cash flows Throughout this tumultuous year, investors have been notably drawn to the…

    Article 2023年7月23日
TOP