- Hedera has accidentally leaked semi-redacted emails.
- The user group accidentally leaked the semi redacted emails.
- HBAR PRICE saw the bulk upload of council, Hedera & Swirlds staff emails & alerted Hedera to the data breach, after which they were taken down.
Hedera is the only public distributed ledger that uses the hashgraph consensus mechanism, fast, fair, and secure. In addition, Hedera’s governance is completely decentralized, with up to 39 term-limited and diverse leading organizations and enterprises.
Our sources say Hedera has accidentally leaked semi redacted emails of Boeing, LGElectronics, SBGroup, ShinhanBankENG, Nomura, EDFofficiel, tata_comm Wipro, eftposAust, UCL, Avery Dennison, FISGlobal, DLA_Piper, zain, Swirlds & its staff. The leak of emails has increased the risk of causing a Cyberattack.
As per our sources, 91% of cyberattacks start with phishing emails. Spear phishing involves an attacker directly targeting a specific organization or person with tailored phishing communications and social engineering.
Hedera user group is closed now. It was chaired by Rob Allen & 2 others. The user group accidentally leaked the semi redacted emails. HBAR PRICE saw the bulk upload of council, Hedera & Swirlds staff emails & alerted Hedera to the data breach, after which they were taken down.
The fact that a bulk upload of emails from council members can be leaked by Hedera shows how this network is vulnerable to centralized data breaches, which could result in a cyberattack.
According to our sources, this is just one of 100’s of mistakes & issues reported to Hedera in the last few years. Unfortunately, the Hedera community and the team have a culture of silencing & shunning critics. When combined with cybersecurity issues, this is a dangerous combination.
It is unknown if the Hedera council members were ever informed of this data breach. They definitely should have been. The community who were also affected was not informed about it. While the emails were semi redacted, it was straightforward to work out the full email address with the provided data in almost all cases.
As per our source, redacted email addresses took this form in many cases, e.g., firstname.lastname@example.org. As a result, hackers could quickly work out the emails of many, if not all of the key executives in the council, Hedera, Swirlds, and potentially dev-ops team members working on the Hedera nodes.
Our sources further said that while the emails leaked may not be circulating in the DarkWeb at this time. However, no one can guarantee that. It is also possible that computers are already compromised due to this data breach, and Hedera could be the cause of a future cyberattack.
Even with names like Google involved, Hedera can still make big mistakes. The fact that Hedera hasn’t disclosed this data breach to the public shows they lack the integrity to handle the types of use cases they are going after, including Digital ID and CBDC.