November 18, 2020 | AtoZ Markets – Customers registered with the Liquid exchange may have had their data exposed to hackers, the company said Wednesday.
Update on security incident from 13 November 2020.— Liquid Global Official (@Liquid_Global) November 18, 2020
Having contained the attack, reasserted control of the domain, and performed a comprehensive review of our infrastructure, we can confirm client funds are accounted for and remain safe and secure. https://t.co/ebbLd6eprB
Liquid security breach did not affect cleint funds
According to Liquid CEO Mike Kayamori, the hosting provider transferred control of the exchange account and domain to a hacker. As a result. the hacker changed DNS records and was able to control a number of internal email accounts, and then “partially compromise” the infrastructure and gain access to the document store.
Liquid’s CEO claims that the team was able to contain the attack in time. According to Mike, the bad actor sis not compromise assets and cryptocurrency storages.
The hacker was allegedly able to gain access to the personal data of customers, including email addresses, names, passwords, and residential addresses.
Whether he got access to the documents uploaded during the KYC procedure, Liquid has not yet established. Consequently, Liquid is advising customers to change their passwords and install 2FA credentials as soon as possible.
We will remind, earlier this year about the leak of personal data of a million users was reported by the manufacturer of hardware wallets Ledger.
What do you make of the Liquid security breach? Was it a case of poor security? Let us know your thoughts in the comment section below.