Renowned on-chain analytics leader Nansen recently encountered a security breach from a third-party service provider. This incident brought to light vulnerabilities which, though isolated, were significant.
The Initial Alarm
On the 20th of September, an unexpected breach in one of Nansen’s associated third-party vendors was discovered. This lapse granted outsiders unauthorized entry to accounts overseeing user accessibility to Nansen’s offerings.
In the 48 hours post-breach, recent analytical findings highlighted that about 6.8% of Nansen’s clientele faced repercussions. Specifically, these affected individuals witnessed the exposure of their email IDs, while a subset even had their password hashes unveiled. Disturbingly, some users’ blockchain addresses were jeopardized.
As per Nansen’s communication, the third-party entity entangled in this breach is a well-established figure in the industry. Catering to a roster inclusive of Fortune 500 firms and various crypto enterprises, the gravity of this breach takes an amplified significance. Nansen promptly recommended the vendor go public about the breach, enlightening others at risk.
Proactive Measures & Nansen Client Communication
Post the revelation, affected parties received an immediate notification from Nansen’s support team. This communiqué elucidated the breach’s depth and suggested an urgent password reset. Given the unveiled email addresses and password hashes, it was an imperative step to ward off potential unauthorized infiltrations.
Alex Svanevik, the CEO of Nansen, came forward, reaffirming his organization’s dedication to user data security.
“The sanctity of user data remains paramount for us,” stated Svanevik. “Our ongoing collaboration with the third-party vendor, coupled with consultations from legal and cybersecurity experts, aims to facilitate a thorough investigation.”
Moreover, the firm issued a warning while assuring the safety of clients’ wallet balances – thanks to Nansen’s policy against requesting private keys. They emphasized the importance of being on guard against potential phishing attempts and encouraged double-checking any correspondence allegedly from Nansen. Criminals will leverage any opportunity to try and cause more damage.
Please note that the information provided on this page is not intended to be and should not be interpreted as legal, tax, investment, financial, or any other form of advice. It is important to only invest what you can afford to lose and to seek independent financial advice if you have any doubts. For further information, we suggest referring to the terms and conditions as well as the help and support pages provided by the issuer or advertiser. CryptoMode is committed to accurate, unbiased reporting, but market conditions are subject to change without notice.