ConsenSys Reports Data Breach Affecting Over 7,000 MetaMask Users

ConsenSys announced today that one of its most well-known products, the MetaMask crypto wallet, suffered a data breach. The attack targeted a third-party customer service provider, not the application itself.

The issue came to ConsenSys’s attention in August 2021 and was resolved in February 2023. The firm claims that MetaMask users who did not contact customer service during the affected period have nothing to worry about. Any users who did contact MetaMask support and who did not share personal information are also in the clear.

Who Is at Risk?

Between August 2021 and February 2023, unauthorized actors gained access to ConsenSys’s third-party customer service provider. As a result, MetaMask users who contacted them for customer service support and who also shared personal information may be at risk.

MetaMask support requires limited personal data to provide the help needed. However, customers are able to type in additional information at their own discretion. According to Consensys’s blog, users might have entered “economic or financial information, name, surname, date of birth, phone number, and postal address.”

Because of the nature of the attack, it is difficult to say exactly who is at risk. Consensys estimates that the data breach affected around 7,000 people worldwide. A spokesperson for the company told BeInCrypto that its investigations show that three users suffered economic loss as a result of the incident.

What Was Done?

ConsenSys claims in its blog post that the firm has stopped the unauthorized access and the threat is not ongoing.

“As first steps, ConsenSys performed data gathering and an initial investigation in order to determine the veracity and criticality of the incident and implement containment measures,” a ConsenSys spokesperson told BeInCrypto.

Given that the firm first learned of the data breach in August 2021, some may wonder why the issue took a year and a half to come to a resolution.

“While it appears upon retroactive forensic investigation the malicious acts began in August of 2021, we needed to become aware of those acts and conduct an appropriate forensic investigation to determine the source,” said the spokesperson.

“ConsenSys

Go to Source to See Full Article
Author: Virginia Valenzuela

Did you like this?
Tip BTC Newswire with Cryptocurrency