Get all your news in one place.
100’s of premium titles.
One app.
Start reading
Zenger
Zenger
Lennox Kalifungwa

Crypto Analytics Firm Nansen Reports Breach, Exposing User Emails And Blockchain Addresses

Yahoo Finance website with stock market price quotes graph is seen in this illustration photo taken in Warsaw, Poland in August 2023. Breach in Crypto analytics company allowed an attacker unauthorized access to an account used to provision customer access to Nansen's platform. JAAP ARRIENS/NURPHOTO VIA GETTY IMAGES.

Crypto analytics firm Nansen reported a breach involving one of its third-party vendors. The hack exposed 6.8% of user emails and some blockchain addresses.

“Our team has been working day and night in the last 48 hours to mitigate the impact of this incident. The root cause here was that a breach on the vendor’s side gave an attacker access to admin rights in our account,” said Nansen CEO Alex Svanevik to Zenger News.

The breach, which occurred on Sep. 20, allowed the attacker unauthorized access to an account used to provision customer access to Nansen’s platform.

“For us, this is naturally very disappointing, but more importantly, it’s frustrating for those of our users who were impacted. We have strong data privacy policies and processes internally at Nansen, and we’ll continue investing in our security,” Svanevik added.

Yahoo Finance website with stock market price quotes graph is seen in this illustration photo taken in Warsaw, Poland in August 2023. Breach in Crypto analytics company allowed an attacker unauthorized access to an account used to provision customer access to Nansen’s platform. JAAP ARRIENS/NURPHOTO VIA GETTY IMAGES.

Nansen halted the unauthorized access and initiated an investigation.

This incident comes at a time when the global focus on digital assets and their security is intensifying, a topic that will be further explored at Zenger News’s Future of Digital Assets conference on Nov. 14. The conference aims to shed light on the evolving landscape of digital assets and the importance of robust security measures in the industry.

The compromised vendor, recognized for its services to Fortune 500 companies and other entities in the blockchain sector, is now under scrutiny.

“Nansen is not disclosing the name of the vendor but has asked them to communicate on the incident publicly in case others are affected,” said Svanevik when asked to name the vendor.

Preliminary findings from Nansen’s investigation revealed that 6.8% of its users were affected.

While the majority had their email addresses exposed, a smaller subset had their password hashes revealed, and an even smaller group had their blockchain addresses compromised.

Affected users were emailed about the nature of their data exposure.

Yahoo Finance website with stock market price quotes graph is seen in this illustration photo taken in Warsaw, Poland in August 2023. Breach in Crypto analytics company allowed an attacker unauthorized access to an account used to provision customer access to Nansen’s platform. JAAP ARRIENS/NURPHOTO VIA GETTY IMAGES.

Reacting to the incident, Nansen dispatched emails on Sep. 21 advising impacted users to reset their passwords. The company emphasized that while they don’t store passwords in plaintext, there’s a risk of attackers attempting brute force attacks on accounts using the exposed email and password combination.

Nansen assured users their wallet funds remain secure, as the company never requests private keys.

However, they cautioned users to be vigilant against potential phishing attempts and to verify the authenticity of emails purportedly from Nansen.

Produced in association with Benzinga

Edited by Judy J. Rotich and Newsdesk Manager

Sign up to read this article
Read news from 100’s of titles, curated specifically for you.
Already a member? Sign in here
Related Stories
Top stories on inkl right now
Our Picks
Fourteen days free
Download the app
One app. One membership.
100+ trusted global sources.