Crypto Firm Nansen Asks Users to Reset Passwords After Vendor Breach
Ethereum blockchain analytics firm Nansen asks a subset of its users to reset passwords following a recent data breach at its authentication provider. Nansen is a popular entity in the cryptocurrency space, offering users insights into Ethereum wallet activity, helping identify emerging projects, and generally helping people make informed investment decisions. In a letter sent to impacted users, Nansen says they learned on September 20t that one of their third-party vendors suffered a data breach. The unnamed vendor was compromised by an attacker who somehow gained access to an admin panel controlling Nansen customer access on the analytics platform. Nansen stopped the malicious activity shortly after the vendor informed them about the incident, but the ensuing investigation confirmed that user data was compromised. "Based on our preliminary investigations over the past 48 hours, 6.8% of our users were impacted," reads Nansen's notice shared on Twitter. "These users had their email addresses exposed, a smaller portion also had password hashes exposed, and a last, smallest group also had their blockchain address exposed."