(BlockBar) QuickBit, a Swedish cryptocurrency exchange listed on the NGM Nordic MTF market, leaked 300,000 customer records through an unprotected MongoDB database.
The breach was first noticed by cybersecurity researcher Shodan, who noted that the MongoDB database was not protected and become a public database. Security researcher Paul Bischoff then revealed the leak. QuickBit said the breach was caused by an outside contractor who didn’t protect data when security upgrading
Two percent of customers’ personal information, including names, addresses, email addresses and credit card details, were leaked. According to QuickBit, no passwords or social security Numbers, complete account or credit card information, cryptocurrency or private keys, or financial transactions were exposed or affected.
QuickBit first raised its suspicions about the data incident on July 19, saying its internal investigation showed that neither QuickBit nor the company’s customers were affected. Later in the day, Jorgen Eriksson, the exchange’s managing director, wrote that outside security experts warned the company that some data was poorly protected.
The exchange explained how the database went to public:
The QuickBit team removed the database on or around July 3 after receiving notification that it was open. The leaked records include full name, address, email address, user gender and date of birth. QuickBit says it did not disclose any passwords or SSNS, or any cryptocurrency keys.
QuickBit further claims that, Its bureau of labor statistics have taken steps to ensure that all servers are protected and prevent the possibility of similar incidents, Adding that it will publish a public version of the incident report on its website.
However, As stated by Bischoff, “In addition to these records, we found 143 internal credential records, including merchant, key, name, password, password phrase, user ID, and other information.”
Security is no small matter, blockchain industry is starting and developing, security problems occur frequently, we can not predict the future may occur, but when the problem is exposed, it should be paid attention to, to protect the safety of the platform and users.
Weekend is the most representative female writer in the blockchain industry. She is known for her keen news capture ability and is good at English writing of blockchain news in the Chinese region.