Security researchers at the data leak index website "Have I Been Pwned" said that password data and personal information of 2.2 million users on two websites were leaked.
On November 19th, Ars Technica reported that security researcher Troy Hunt confirmed that the stolen data came from the account of the cryptocurrency wallet GateHub and the RuneScape robotic provider EpicBot.
- Analysis: Why can Bitcoin submit a listing application secretly?
- Depth | Block rewards are about to be halved, is BTC still safe? (under)
- ETH 2.0 is coming online, what are the main changes?
- Hodling VS DeFi: What is the best posture for investment?
- Central Bank Shanghai Headquarters Graphic Blockchain: Blockchain virtual currency, developing blockchain technology away from virtual currency speculation
- Babbitt column | See the application of blockchain in medical and health fields from drug anti-counterfeiting and medical insurance claims
Hunt said the first stolen data came from the personal information of the 1.4 million user accounts of the cryptocurrency wallet GateHub. The second batch contains data from approximately 800,000 user accounts claiming to be EpicBot, the world's safest integrated RuneScape robot provider.
According to reports, stolen information includes registered email addresses, passwords, two-factor authentication keys, mnemonic phrases, and wallet hashes. According to their findings, insiders at GateHub said that these wallet hashes were not accessed.
This is not the first time that Gatehub has experienced data breaches. According to reports, in June this year, hackers invaded about 100 XRP Ledger wallets, resulting in nearly $10 million in stolen funds.
Also in June, Gatehub warned that there were phishing scams targeting its cryptocurrency wallet users. According to the company, GateHub's wallet users received malicious emails, and the address appeared to be from the official GateHub: "@gatehub.com" and "@gatehub.net" respectively.
In late August last year, Gatehub account data was posted to a hacker website. Three months ago, the cryptocurrency service company reported that it had been hacked. GateHub claims that the attacker has stolen — or at least tried to steal — a large amount of sensitive information from more than 18,000 user accounts.
In response, GateHub said that the site administrator notified the affected users and generated a new encryption key and re-encrypted sensitive information, such as the wallet's key.
In contrast, the data that was leaked this time is broader. More importantly, this leak affected up to 1.4 million GateHub users, not just 18,473 users.
Currently, GateHub has not commented on this information disclosure.
As technology and security improve, the hackers implement fraud and attacks. One of the most serious events in recent years has been the hacking of NiceHash, a bitcoin mine in Slovenia. In December 2017, a hacker stole about 4,700 bitcoins worth about $64 million. The platform said the security breach was a highly skilled and organized attack that was conducted through complex social engineering.