Nansen, the blockchain analytics platform widely trusted for its insights and data-driven solutions, has experienced a cybersecurity attack. The breach report sent shockwaves through the company’s user base.
The well-known crypto and blockchain analytics firm announced on the social networking platform X that one of its third-party vendors had a security compromise that affected 6.8% of its customers.
According to Nansen, the security breach provided hackers with administrative access to an account used to “provision customer access” to its platform. Meanwhile, one of the company’s third-party vendors informed the company on September 20 that their systems had been infiltrated.
Nansen user data under hacker’s mercy
According to reports, the breach allowed unauthorized access to a critical account responsible for granting consumer access to Nansen, raising concerns about the security of user data.
Nansen’s ordeal started when one of its trusted third-party vendors fell victim to a cyberattack, resulting in unauthorized access to a customer access provisioning-critical administrator account. While swift action was taken to stop the breach and initiate an investigation immediately, this incident continues to have repercussions.
An initial investigation revealed that 6.8% of the company’s user base had their email addresses compromised. A smaller subset of password hashes and blockchain addresses were also exposed, according to the report.
The affected vendor, which is well-known for serving several Fortune 500 companies and other industry leaders, must now disclose the breach to the public. According to Nansen, this would assist in notifying other potentially affected organizations.
Nansen stated that it has identified and notified all affected users, requesting that they change their credentials. It also clarified that the event had no effect on wallet funds.
Yesterday, some Nansen users tweeted that they had received an email alert from the company.
This precautionary measure is critical in protecting user accounts from any brute-force attacks perpetrated by hostile individuals.
The company stated that it is conducting a comprehensive investigation with the vendor and external legal counsel and that it is “committed to communicating as transparently as we can with our users.”
What comes next for Nansen and its customers?
Nansen urged both afflicted and unaffected users to remain vigilant against phishing attempts. In addition, it stated that authenticating the sender’s identity for all communications purporting to come from Nansen is essential to thwart potential phishing attempts.
The data firm asserts that it will always prioritize the security and privacy of its consumers. The company has launched a comprehensive investigation, working closely with the affected vendor, external legal experts, and cybersecurity specialists to determine the fundamental causes of the data breach and ensure that similar incidents do not reoccur.
The company has pledged to communicate transparently with its user base, acknowledging their concerns and endeavoring to provide a safe and secure environment. Users with queries or concerns are encouraged to seek clarification from the company.
Meanwhile, Nansen assures its users that the security of their information and assets remains a top priority.
Nansen is a well-known resource in the crypto field, providing on-chain data on many of the industry’s main participants. In May, the company was one of many that suffered the consequences of the ongoing bear market and laid off about 30% of its workers.
In a recent interview, Alex Svanevik, CEO of Nansen, stated that he expects a protocol will exist in the future that strikes a compromise between blockchain transparency and user privacy while remaining compliant with authorities.