Nansen, a leading blockchain analytics platform, recently fell victim to a significant security breach. The breach, which occurred through a third-party vendor, led to the exposure of sensitive user data. This is another major attack on the crypto industry this month.
On the 22nd of September, it was revealed by Alex Svanevik, the Chief Executive Officer of Nansen, that a significant cyberattack had impacted one of their third-party vendors. The attack, which took place on September 20th, granted the intruder unauthorized access to an admin account that managed user access to the Nansen platform.
🚨 Important update from us at Nansen. Please take a moment to read this. pic.twitter.com/syKE0sNnC6
— Nansen 🧭 (@nansen_ai) September 22, 2023
Crypto Industry Affected by Another Cyber Attack
The security breach affected 6.8% of Nansen’s user base, with the extent of compromised sensitive information varying among users. The data breach led to the exposure of users’ email addresses, significant password hashes, and blockchain addresses.
The identity of the vendor involved has not been revealed, however, it has been reported that the firm is well-recognized and serves a clientele that includes several Fortune 500 companies, along with various entities in the cryptocurrency industry.
Nansen has urged the vendor to make a public announcement about the incident, acknowledging the potential widespread impact on other entities that depend on their services. The company promptly terminated the access and reassured its users that an investigation into the matter was in progress.
The company has stressed that users’ passwords are not stored in an unencrypted format, but there is a worry that cybercriminals might exploit the exposed email addresses and password hashes to launch further attacks. Users have been strongly advised to update their passwords to mitigate any additional risk.
Nansen maintains that the funds in the wallets remain untouched. However, they have cautioned users to be vigilant against phishing attempts and to always confirm the identity of the sender in any communication purporting to be from Nansen.
The impact of the breach is likely to be more extensive, as the report indicates that the compromised vendor provides services to several Fortune 500 companies.
This incident underscores the importance of robust security measures in the rapidly evolving cryptocurrency industry, which has become a prime target for cybercrime.
Established in the year 2020, Nansen has successfully raised a total of $88.2 million in funding. This substantial amount was contributed by a group of 44 investors, which includes notable names such as a16z, Accel, Old Fashion Research, and L1 Digital, according to data provided by Crunchbase.