Crypto fraud: security breach at Nansen provider, user data compromised

Related

Share

Latest news regarding the fraud suffered by Nansen: the crypto analytics provider recently claimed to have suffered a security breach, involving the data of nearly 7% of the system’s users, who were promptly notified of the incident. 

See below for full details. 

Nansen: crypto fraud puts data security at risk

As anticipated, the renowned crypto and blockchain analytics company, Nansen, shared via the social media platform X (formerly known as Twitter) that one of its third-party vendors suffered a security breach, involving 6.8% of its users.

Nansen pointed out that this breach allowed hackers to gain administrator privileges on a key account used to “secure customer access” to their platform. 

Although Nansen did not directly mention the name of the company involved, he revealed that this is a “well-established company that is widely used by numerous Fortune 500 companies,” as well as other companies in the industry, for data management.

Data compromised by users involved in the breach included email addresses, along with some password hashes, and some users had their blockchain addresses compromised.

Nansen also reported that it has personally identified and notified those affected and urged them to change their passwords. In addition, the company reassured that the funds in users’ wallets were not affected by this security incident.

As we know, Nansen is a relevant resource in the cryptocurrency field, offering in-depth on-chain analysis related to the industry’s major players.

In fact, Nansen CEO Alex Svanevik recently laid out his belief regarding the future development of a protocol that will reconcile blockchain transparency with user privacy while ensuring regulatory compliance.

OpenSea responds to security breach: the importance of API keys

OpenSea recently issued a warning statement to its users, emphasizing the importance of the security of their API keys following the security breach at Nansen. 

The breach has highlighted the vulnerability of the API, although some users seem not to give this incident its due.

This security breach raises important questions about the state of security within the blockchain ecosystem, especially considering that the hackers gained administrative access to a critical account for clients to access the platform.

However, OpenSea’s response has generated questions among the crypto community about whether the NFT market was involved in such a data security breach.

MatriXBT, a pseudonymous user on X, shared that OpenSea sent a warning email to its users about a compromise of API keys. 

Despite assurances from OpenSea that this will not affect users’ integration with the platform, the advice was to generate new API keys to mitigate the risk of abuse by hackers.

It should be noted that OpenSea’s current API keys will expire on October 2, 2023, with the assurance that the new keys will have the same speed limits and permissions. 

Despite the absence of an official statement from the NFT market, many members of the cryptographic community believe that the security breach has indeed occurred.

A step back: Nansen’s 30% staff reduction 

On May 30, Nansen CEO Alex Svanevik announced via Twitter a difficult decision: the reduction of the company’s staff by 30 percent. This decision was made for two main reasons, outlined by Svanevik.

The first reason concerns Nansen’s accelerated expansion during its early years of operation, which led the company to acquire a structure that was not aligned with its core strategy. 

This downsizing aims to bring the organization back toward a more defined focus.

The second and equally significant reason was a difficult year for the cryptocurrency markets, which necessitated efforts to diversify revenue streams to the corporate and institutional sectors. 

Despite these efforts, corporate costs remained relatively high compared to the company’s current situation. Svanevik emphasized that despite the company’s strength over the years, the priority now is to build a sustainable business model.

The CEO’s announcement also made it clear that employees affected by the reduction will have access to severance packages.