1. BITBILIHome
  2. Article

Huobi fixes data breach involving sensitive information for 4,960 users

160 views

TL;DR Breakdown

  • Crypto exchange Huobi has fixed its data breach after a massive data leak that allegedly put users’ funds at risk since June 2021
  • The exchange risked exposure of its sensitive information, such as VIP user data and technical infrastructure of the exchange
  • However, it took months for the exchange to respond to the white hat hacker

Description

Crypto exchange Huobi has fixed its data breach after a massive data leak that allegedly put users’ funds at risk since June 2021. The data leak had information on almost all the over-the-counter (OTC) transaction information from 2017 to 2021, with some of the data being VIP user data and information on the technical infrastructure … Read more

Crypto exchange Huobi has fixed its data breach after a massive data leak that allegedly put users’ funds at risk since June 2021. The data leak had information on almost all the over-the-counter (OTC) transaction information from 2017 to 2021, with some of the data being VIP user data and information on the technical infrastructure of the exchange.

Huobi risked exposure of its sensitive information 

White hat hacker and citizen journalist Aaron Phillips disclosed the Huobi data breach. The white hacker explained that an attacker exploiting Huobi’s vulnerability would have had the opportunity to achieve the largest crypto theft in history. Anyone accessing the exchange’s credentials could have changed their domains, including hbfile.net and huobi.com. In addition, their internal documents and user data could be exposed.

According to previous reports, the company handles over a billion dollars daily in trading volume. Hence, users’ accounts and crypto assets would have been stolen if they hadn’t taken action to fix the leak. Phillips emphasized the potential for malicious scripts to be injected into Huobi’s content delivery networks (CDNs) and websites. According to him, the CDNs might have compromised all Huobi login pages, possibly harming anyone who used a Huobi website or app over the previous two years.

The exchange risks exposure to sensitive information, including the contact information and account balances of cryptocurrency users, and it puts customers at risk of losing their accounts and crypto assets. According to Phillips, this includes Huobi’s over-the-counter (OTC) trade data as well as a database of cryptocurrency whales. He confirmed, however, that no breach was carried out using the data leak.

Huobi fixes data breach

According to the exchange, which confirmed the occurrence, it was caused by the appropriate staff members’ irregular conduct in the S3 barrel of the Japanese station’s test environment. On October 8, 2022, all pertinent user data was isolated. 

The exchange asserted that the leakage was small-scale, involving 4,960 individuals. It added that the leaked information did not have sensitive information and never affected user accounts and the security of their assets. 

Huobi further stated that the Huobi Japanese and Huobi Global sites are separate entities. On June 21, 2023, the Huobi Security Team immediately took action after being alerted by a white hat team, instantly closing the associated file access permissions. According to the exchange, the issue has been resolved, and all associated user data has been removed. Huobi has since deleted the affected account, and no users are at risk anymore.

Despite the issue being resolved now, Phillips mentioned that it took months for the exchange to respond, and the leaked data remained online even after he gave Huobi the first notice in June 2022.

Crypto exchanges are prone to data breaches since they have access to a lot of customer data that can be used to steal funds by hackers. Coinsquare, a Canadian crypto exchange, suffered a data breach in November 2022. Its users’ information was exposed, such as phone numbers, names of investors, birth dates, public wallet addresses, and transaction history. However, the exchange affirmed that there were no passwords accessed, and the information is yet to be detected by bad actors.

Gemini Exchange also experienced a data breach that saw 5.7 million users stolen and leaked on hacking forums. Posts advertising the data from the breach first surfaced in September last year, with the data offered for 30 BTC, about $520,000. The same data was posted in November, offering the data and additional data from other exchanges. In another forum, later on, the data was offered for free. Gemini has since asked its clients to implement two-factor authentication and use hardware security keys to prevent hacking and accessing their funds.

The information provided is not trading advice. Cryptopolitan.com holds no liability for any investments made based on the information provided on this page. We strongly recommend independent research and/or consultation with a qualified professional before making any investment decisions.

文章来源于互联网:Huobi fixes data breach involving sensitive information for 4,960 users

Disclaimers:

1. You are solely responsible for your investment decisions and this info is not liable for any losses you may incur.

2. The copyright of this article belongs to the writer, it represents the writer's opinions only, not represents the site's ones. Not financial advice.

Previous 2023年7月5日 12:00
Next 2023年7月5日 13:23

Related articles

  • Did Apple just make a move into the Metaverse?

    TL;DR Breakdown Apple has unveiled its Vision Pro headset, marking its entry into the metaverse and the augmented/virtual reality (AR/VR) sectors. The Vision Pro uses a new spatial computing platform, visionOS, to create interactive digital spaces. While the tech industry welcomes Apple’s entry, concerns about the company’s restrictive ecosystem and the headset’s high price persist. With a history of creating paradigm shifts in technology, Apple seems to be yet again at the forefront of a potentially game-changing move. This time, it’s not a smartphone or a watch, but the newly unveiled Vision Pro headset, a mixed reality device that could redefine how we interact with digital spaces. In essence, the metaverse may have just welcomed a new heavyweight contender. Apple’s Vision Pro – An industry game-changer While the device launched at Apple’s annual WWDC event, the buzz around its implications for the burgeoning augmented and virtual reality sectors is palpable. Many industry leaders hail Apple’s entry as a critical milestone, a momentous occasion that will invigorate confidence in VR and AR markets. HTC’s CEO Cher Wang, whose company has a…

    Article 2023年6月11日

  • Binance Pay’s grand entry into Brazil: Paving the way for cryptocurrency payments

    TL;DR Breakdown Binance Pay, a contactless and secure cryptocurrency payment platform, has been introduced in Brazil, supporting over 70 cryptocurrencies and offering merchants flexible payment options. With global crypto adoption on the rise, Binance Pay’s launch in Brazil signifies the country’s commitment to innovative payment solutions and its position as a leader in the crypto revolution. Description In a groundbreaking move, Binance, the world’s premier cryptocurrency exchange, has unveiled Binance Pay in Brazil. This innovative payment platform promises to offer local merchants a seamless, efficient, and cost-effective alternative to traditional payment methods, marking a significant shift in the country’s financial landscape. Contents hide 1 Binance Pay: A revolutionary payment solution for Brazil … Read more In a groundbreaking move, Binance, the world’s premier cryptocurrency exchange, has unveiled Binance Pay in Brazil. This innovative payment platform promises to offer local merchants a seamless, efficient, and cost-effective alternative to traditional payment methods, marking a significant shift in the country’s financial landscape. Contents hide 1 Binance Pay: A revolutionary payment solution for Brazil 2 The global crypto adoption wave and Binance Pay’s impressive…

    Article 2023年8月23日

  • Aptos price analysis: APT losses value at $8.17 as bears dominate the market

    TL;DR Breakdown Aptos price analysis is bearish today. APT/USD rallied back below $8.38. Bearish momentum is slowly taking over today. Aptos price analysis shows a negative trend in today’s trading. The APT/USD pair declined to the $8.17 mark after the bulls failed to push the price higher. The APT/USD pair had a high of $8.38 the previous day but the bulls could not sustain the momentum. For now, the pair is trading below its previous day’s high and is likely to remain bearish in the coming sessions. The support for APT/USD remains at $8.01, which supports the bearish trend. On the upside, the resistance is seen at $8.38 and if the bulls can break this level, then we could expect another strong rally in APT/USD. Aptos price analysis 1-day price chart: APT /USD pair is trading in a downtrend On the 1-day price chart, Aptos price analysis is trading in a strong bearish trend. The pair has been declining for most of the past few days in a row. The coin has lost more than 2.69 percent value during the…

    Article 2023年5月23日

  • Uniswap reveals V4 code a secret weapon to transform decentralized trading

    TL;DR Breakdown Uniswap Labs recently announced the release of a draft code for Uniswap V4, the latest version of the popular decentralized cryptocurrency exchange. The introduction of “hooks” in Uniswap V4 allows developers to introduce innovative features such as on-chain limit orders, automatic deposits to lending protocols, and auto-compounded liquidity provider (LP) fees. The main objective of the update is to provide a mechanism for pool deployers to incorporate custom code that performs specific actions at different stages of a liquidity pool’s lifecycle. Uniswap Labs recently announced the release of a draft code for Uniswap V4, the latest version of the popular decentralized cryptocurrency exchange. In a blog post by Uniswap’s Founder, Hayden Adams, it was revealed that the new code incorporates “hooks” or plugins that enable developers to create custom liquidity pools. Uniswap, known for its high trading volume, currently operates on its V3 version, which was deployed on May 4, 2021. The introduction of “hooks” in Uniswap V4 allows developers to introduce innovative features such as on-chain limit orders, automatic deposits to lending protocols, and auto-compounded liquidity provider…

    Article 2023年6月16日

  • “The Next Crypto Gem” TV show premieres on September 7th in 56 countries

    TL;DR Breakdown The Next Crypto Gem, dubbed “the Shark Tank of crypto,” goes live on September 7th in 56 countries.  The show is produced by The Hourglass Collective, a Web3 incubator with an aim to bridge the gap between crypto and mainstream entertainment. Season 2 planning is underway as the show takes major turns in setting the ground for global crypto adoption. Description The world of crypto is coming live to you in a matter of hours. The Next Crypto Gem, a show many have dubbed “the Shark Tank of crypto,” premiers on September 7th in 56 countries. What can investors, enthusiasts, and critics expect? As per the production reports, The Next Crypto Gem draws its inspiration from … Read more The world of crypto is coming live to you in a matter of hours. The Next Crypto Gem, a show many have dubbed “the Shark Tank of crypto,” premiers on September 7th in 56 countries. What can investors, enthusiasts, and critics expect? As per the production reports, The Next Crypto Gem draws its inspiration from entrepreneurial TV shows such…

    Article 2023年9月7日
TOP