INFRA
INFRA
INFRA
261,000 customer records stolen in hack of cryptocurrency investment service
Cryptocurrency investing service Atlas Quantum is the latest crypto company to be hacked, but in a different twist it’s not bitcoin that has been stolen but customer data.
The hack, disclosed by Atlas Quantum on Sunday and later detailed by Have I Been Pwned, is said to have occurred on Saturday. It involved the theft of data relating to 261,000 investors on the platform, including their names, phone numbers, email addresses and account balances.
“We would like to point out that [the hackers] did not steal of bitcoins in custody or violate exchange accounts,” the company said (translated from Portuguese). “However, our customer base was exposed. At the time of the incident, we took immediate steps to protect our database with passwords and private keys remaining encrypted.”
There’s no mention of passwords, encrypted or otherwise being stolen, but the theft of the data creates a real risk that the hackers could impersonate Atlas Quantum customers in the future.
Anurag Kahol, chief technology officer at Bitglass Inc., told SiliconANGLE that the breach suggests that crypto services remain a high-profile target for hackers.
“Even those who do not actively use the platform to store or invest in crypto may have had their personal data exposed,” he noted. “For companies like Atlas that store mass amounts of user data, reputation and user data security are closely tied. Quickly identifying the cause of this breach and mitigating the threat of further data loss is a critical next step for Atlas and prevention should be top of mind for all companies that store high-value data.”
Kevin Stear, lead threat analyst at JASK Inc., noted that the rise of cryptocurrency marketplaces has expanded the attack surface of conventional banking trojan virus campaigns. And those targets are often entities without the robust security and antifraud capabilities of traditional online banking providers.
“Even though no funds were stolen from Atlas Quantum users through this breach, it still should set off a serious alarm — for both users and the company,” he said. “The initial infiltration could be an early step in footprinting for a much larger campaign, such as spear-phishing, for consequential credential stealing and account takeover.”
Jonathan Bensen, director of product management and acting chief information security officer at Balbix Inc., said organizations need to have the right tools in place to know where vulnerabilities exist. “Cryptocurrency platforms need to be taking precautions, as the number of incidents like this seems to be increasing,” he said.
Image: Atlas Quantum
A message from John Furrier, co-founder of SiliconANGLE:
Support our mission to keep content open and free by engaging with theCUBE community. Join theCUBE’s Alumni Trust Network, where technology leaders connect, share intelligence and create opportunities.
- 15M+ viewers of theCUBE videos, powering conversations across AI, cloud, cybersecurity and more
- 11.4k+ theCUBE alumni — Connect with more than 11,400 tech and business leaders shaping the future through a unique trusted-based network.
About SiliconANGLE Media
SiliconANGLE Media is a recognized leader in digital media innovation, uniting breakthrough technology, strategic insights and real-time audience engagement. As the parent company of SiliconANGLE, theCUBE Network, theCUBE Research, CUBE365, theCUBE AI and theCUBE SuperStudios — with flagship locations in Silicon Valley and the New York Stock Exchange — SiliconANGLE Media operates at the intersection of media, technology and AI.
Founded by tech visionaries John Furrier and Dave Vellante, SiliconANGLE Media has built a dynamic ecosystem of industry-leading digital media brands that reach 15+ million elite tech professionals. Our new proprietary theCUBE AI Video Cloud is breaking ground in audience interaction, leveraging theCUBEai.com neural network to help technology companies make data-driven decisions and stay at the forefront of industry conversations.
