Cryptocurrency exchange Liquid has announced it had suffered a data breach on November 13 that led to users' data leak.
Subscribe to our Telegram channel to stay up to date on the latest crypto and blockchain news.
According to an official blog post, Liquid's domain name hosting provider "incorrectly transferred" control over the exchange's account and domain to a bad actor. The exchange says this gave the actor the ability to change DNS records and in turn, "take control of a number of internal email accounts."
"In due course, the malicious actor was able to partially compromise our infrastructure, and gain access to document storage," the exchange said.
Liquid assures that all cold storage crypto wallets are secured and were not compromised. The exchange believes the bad actor could steal personal information from Liquid's user database, including users' emails, name, address and encrypted password.
"We are continuing to investigate whether the malicious actor also obtained access to personal documents provided for KYC such as ID, selfie and proof of address, and will provide an update once the investigation has concluded," the exchange added.
Liquid expects an increase in spam email and phishing attempts. Phishing attempts may be more sophisticated and difficult to detect when a malicious actor has access to a user's personal information, the trading platform emphasizes.
Earlier in July, free VPN apps UFO VPN, FAST VPN, Free VPN, Super VPN, Flash VPN, Secure VPN and Rabbit VPN suffered a security problem that left the personal data of their users available to anyone online.
According to vpnMentor researchers, the data of approximately 20 million people could have being potentially leaked.
Access more than 50 of the world's financial markets directly from your EXANTE account – including NASDAQ, London Stock Exchange and Tokyo Stock Exchange.