BlockFi, a New York-based crypto lending firm, has said that the platform was compromised in a recent data breach. The company sent out a memo to its users on May 18 acknowledging the incident but noted that funds are safe.
According to the memo, the breach occurred on May 14 and lasted for around an hour. The attacker gained access to BlockFi's ecosystem through an employee's credentials in an alleged SIM swap.
“A BlockFi employee’s phone number was breached and utilized by an unauthorized third party to access a portion of BlockFi’s encrypted back-office system.”
While in the system, this unauthorized party was able to view BlockFi's retail marketing information. In practice, this means exposure of clients' account activity and their postal and email addresses. Sensitive information such as social security numbers, passports, bank details and government IDs was, however, not exposed. The incident report states:
“The unauthorized third party was able to access BlockFi client information typically used by BlockFi for retail marketing purposes throughout the duration of this incident.”
Notably, the attacker also tried to withdraw funds but was unsuccessful after BlockFi kicked them out of the system. Zac Prince, the firm's CEO, has since confirmed to The Block that less than half of its retail clients were exposed, while no institutional clientele was affected by the breach.
BlockFi's Mitigation Response
This type of attack has become common within the DeFi space and the crypto market at large. Last year, BitMEX, a leading crypto exchange, also experienced a breach. It therefore follows that crypto entities built with some vulnerabilities ought to be prepared for these events. BlockFi, for instance, notes that it will continue to prepare for similar attacks in the future:
“We are constantly reviewing and improving our systems and security processes and will be accelerating efforts in a number of areas as a result of this activity.”
A spokesman for the firm also said that their response had been prompt, hence the mitigation. This was mainly supported by the firm's underlying policies and safeguards to protect clients' assets and data.