Key Takeaways
- Event transpired when a customer support agent was targeted in a hacking attempt, leading to subsequent phishing attacks on Bitfinex users
- Bitfinex noted no customer funds were compromised in the incident
Bitfinex, a prominent cryptocurrency exchange, has disclosed a security breach that unfolded between October 30 and November 5.
This event transpired when a customer support agent was targeted in a hacking attempt, leading to subsequent phishing attacks on Bitfinex users. Despite these security breaches, Bitfinex asserts that the damage incurred was minimal, as detailed in a statement released on November 4.
Bitfinex clarified that the breach originated from the phishing of a customer support agent, which allowed an individual or group to gain access to a portion of customer support boards. This section contained partial, incomplete, and outdated information.
Fortunately, the infiltrated customer support agent did not possess “senior permissions,” meaning their access was limited to supporting tools and help desk tickets.
Importantly, Bitfinex emphasizes that the core systems remained untouched, and no customer funds were compromised as a result of the incident. The exchange reassured its users by stating that “No server, wallet, or database infrastructure was accessed.”
Moreover, Bitfinex highlighted that “At no time were customer assets on the platform at risk, nor was password information accessible.” Notably, most of the affected customer accounts were either empty or inactive.
Bitfinex has declared that the issue has been effectively “resolved.”
However, the exchange is diligently reviewing the incident, the compromised information, and actively reaching out to customers who may have been impacted by the security breach.
This incident serves as a stark reminder of the paramount importance of upholding stringent security measures within the cryptocurrency industry, where security breaches and hacks are ever-present risks.
Notably, in August, it was revealed that a New York man had confessed to being the original hacker behind the 2016 cyberattack on Bitfinex, resulting in a theft valued at $4.5 billion.
