Nansen Warns Of Potential Phishing Attacks Following Vendor Security Incident Exposing Customer Data

Nansen crypto analytics platform reports customer data breach, prompts swift response


Liam 'Akiba' Wright
Sep. 22, 2023 at 11:10 am UTC
Updated: September 22, 2023 at 11:10 am
Crypto analytics platform Nansen has revealed that a bad actor gained access to the admin system it uses to provision customer accounts. On Sept. 20, a security breach at one of Nansen’s third-party vendors led to compromised customer access, underscoring the ever-present digital risk, particularly in the continually evolving arena of blockchain technology and cryptocurrency.

According to a post on the official Nansen X account, the vendor is a well-established entity trusted by Fortune 500 companies in the same industry for managing customer data. The breach exposed the admin rights to an account used to provide customers access to Nansen’s platform, a severe issue that Nansen addressed as soon as it became aware of the situation.

Preliminary investigations into the extent of the damage found that about 6.8% of Nansen users were hit by this incident. This subset of users had their email addresses exposed, with a smaller fraction also having their password hashes and blockchain addresses exposed.

Following the incident, Nansen swiftly reached out to its affected users via email, explaining the extent of their exposure and the precautionary steps needed to prevent further potential breaches. A password reset was initiated between 5 pm and 9 pm UTC on Sept. 21, with reset requests emailed to affected users from [email protected]. Users are also asked to reset their passwords on Nansen’s platform manually.

What does this mean for affected users?
They are urged to change their passwords immediately, despite Nansen’s assertion that it does not store passwords in plaintext. The risk of brute-force attacks on accounts using the exposed email addresses and password hashes remains a potential threat. Users’ wallet funds, however, remain unscathed, as Nansen does not request private keys. The company has also warned its users to stay vigilant against phishing attempts.

In the wake of this incident, Nansen’s commitment to securing customer data is evident, as they work with the compromised vendor, their external legal advisors, and cybersecurity experts to conduct a thorough investigation. Nansen has assured its users of its dedication to transparency and prompt communication as it navigates through the aftermath of this security breach.