On the 21st of May, i.e. this Thursday, cryptocurrency lending platform BlockFi’s systems were compromised by a hacker who gained unauthorized access to its database containing email addresses, user names, personal addresses and activity history.
An incident report published on its website stated that, after logging the breach, BlockFi found and was able to confirm that “No funds, passwords, tax identification numbers, social security numbers, bank details and information, passports, licenses or any similar non-public identification information” had been affected.
Looking at it now, there is a sense of relief, but keep in mind that things similar to this, or even worse, could be done by someone with worse intentions.
Many have asked how BlockFi was even breached. According to the company, criminals targeted one of BlockFi’s employees with a SIM swap attack, gaining full control of the employee’s phone number.
SIM swap attacks, aka port-out scams, typically involve a scammer or a group of them successfully fooling cellphone operators into giving them full control over the target’s phone number. You see the mind games right here?… Made me sad already ;_;
Well, if you haven’t figured it out by now, the hacker or hackers not only get those lovely phone calls and text messages intended for you, but also the ones used by some systems for authentication purposes, for logins and other things like OTPs.
As scam attempts like this are becoming more common, many systems and companies have opted for and promoted the use of SMS messages together with two-factor authentication methods, as two-factor authentication provides a last line of defense against these attempts. Keep in mind, though, that a code sent by SMS goes to whoever controls the phone number, as described above.
With the employee’s phone number under their control, the hacker was able to reset the victim’s email password and, within a few moments, gain access to the email account. The perpetrator then tried to pull out data about the customers, which proved unsuccessful, and also made a failed attempt to make unauthorized withdrawals of BlockFi’s clients’ funds.
BlockFi was also able to prevent another attack attempted by the hacker. They stated this was because they took swift action, suspending the affected employee’s access to prevent further breaches and damage and also putting in place “additional identity controls for all of BlockFi’s employees.”
BlockFi declared, “Due to the nature of the information that was leaked, we do not believe there is an immediate risk to BlockFi clients or company funds.”
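
The chain described above (a password reset through the phone number, then access to the account, then attempts at customer data and withdrawals) is something a defender can look for in audit logs. The Python below is an added example, not BlockFi's code; the event fields, event names and the two-hour window are assumptions, and the sample events are constructed.

```python
from datetime import datetime, timedelta

SENSITIVE = {"customer_export", "withdrawal_request"}  # assumed event names

def flag_takeover_chains(events, window=timedelta(hours=2)):
    """Flag users whose SMS password reset was followed, within `window`,
    by a login from an unseen device and then a sensitive action."""
    known, reset_at, suspect, flagged = {}, {}, {}, {}
    for e in sorted(events, key=lambda e: e["ts"]):
        ts = datetime.fromisoformat(e["ts"])
        user, kind = e["user"], e["type"]
        if kind == "password_reset" and e.get("channel") == "sms":
            reset_at[user] = ts
        elif kind == "login":
            devices = known.setdefault(user, set())
            new_device = e["device"] not in devices
            recent_reset = user in reset_at and ts - reset_at[user] <= window
            if new_device and recent_reset:
                suspect[user] = ts  # do not add this device to the trusted set
            else:
                devices.add(e["device"])
        elif kind in SENSITIVE:
            start = suspect.get(user)
            if start is not None and ts - start <= window:
                flagged.setdefault(user, []).append(kind)
    return flagged

# Constructed sample events (not real data); field names are assumptions.
EVENTS = [
    {"ts": "2024-01-10T07:00:00", "user": "carol", "type": "login", "device": "d-3"},
    {"ts": "2024-01-10T08:00:00", "user": "alice", "type": "login", "device": "d-1"},
    {"ts": "2024-01-10T08:10:00", "user": "bob", "type": "login", "device": "d-7"},
    {"ts": "2024-01-10T08:30:00", "user": "alice", "type": "password_reset", "channel": "email"},
    {"ts": "2024-01-10T08:35:00", "user": "alice", "type": "login", "device": "d-1"},
    {"ts": "2024-01-10T08:40:00", "user": "alice", "type": "customer_export"},
    {"ts": "2024-01-10T09:00:00", "user": "bob", "type": "password_reset", "channel": "sms"},
    {"ts": "2024-01-10T09:03:00", "user": "bob", "type": "login", "device": "d-99"},
    {"ts": "2024-01-10T09:05:00", "user": "bob", "type": "customer_export"},
    {"ts": "2024-01-10T09:07:00", "user": "bob", "type": "withdrawal_request"},
    {"ts": "2024-01-10T10:00:00", "user": "carol", "type": "password_reset", "channel": "sms"},
    {"ts": "2024-01-10T10:02:00", "user": "carol", "type": "login", "device": "d-3"},
    {"ts": "2024-01-10T10:05:00", "user": "carol", "type": "withdrawal_request"},
]

if __name__ == "__main__":
    for user, actions in flag_takeover_chains(EVENTS).items():
        print(f"suspend access and review: {user} -> {actions}")
```

Only the account that combines an SMS reset, a new device and sensitive actions is flagged; a reset followed by a login from an already known device is not.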