Liquid Suffers Data Breach, Blames Hosting Provider

Reading Time: 2 minutes
  • Cryptocurrency exchange Liquid has revealed that a hacker has obtained personal user information
  • The hacker gained entry to the Liquid systems through the company’s web domain provider
  • User funds seem to be safe, thanks to the exchange’s encryption methodology

Cryptocurrency exchange Liquid revealed yesterday that a data breach could have led to the leaking of user data, including personal details and encrypted passwords. The Japanese exchange confirmed that an error by their web provider had led to their internal network being compromised, with the hacker gaining access to personal information that could be used in phishing attacks, although they have reassured users that their funds are under no “immediate threat”.

Web Domain Provider Duper by Hackers

Liquid CEO Mike Kayamori broke the news via a blog post on the Liquid website, stating that a “recent security incident and data breach” had taken place which saw the attackers steal data that “may include data such as your email, name, address and encrypted password.”

Kayamori lays the blame at the feet of their web hosting service who “incorrectly transferred control of the account and domain to a malicious actor” in what appears to be an attack similar in nature to a SIM swap. Having control of the domain allowed the hacker to change DNS records and take control of some internal email accounts.

They were then able to “partially compromise our infrastructure, and gain access to document storage” according to Kayamori.

Liquid Says Funds Are Safu

The hack led to personal details of users being leaked, including “data such as your email, name, address and encrypted password.” Liquid is also investigating whether the hacker obtained KYC documentation such as photos and addresses, which would represent an even bigger concern to users, with identity theft a real possibility.

Liquid reassures users that they do not believe there is an “immediate threat” to Liquid users due to the “use of strong password encryption”, although as standard in such situations, a password and two-factor authentication reset is recommended.