Nansen Vendor Data Breach: Ethereum Analytics Firm Urges Password Reset

Popular Ethereum blockchain analytics firm Nansen recently urged a segment of its user base to quickly reset their passwords after discovering that their third-party authentication provider fell victim to a data breach.

Nansen, esteemed in the crypto domain for offering crucial Ethereum wallet insights and analytics, uses these tools to help customers identify promising Ethereum projects, aiding them in making informed investment decisions.

Breach Details

In a formal communication issued to affected users, Nansen divulged that it learned of the breach on Sept. 20. An unidentified threat actor had reportedly gained unauthorized access to an admin panel associated with Nansen's customer platform through a third-party vendor, whose identity remains undisclosed.

While the breach was promptly addressed to halt malicious activity, subsequent investigations confirmed that customer data had been compromised.

Extent of Exposure

"Based on our preliminary investigations over the past 48 hours, 6.8% of our users were impacted," Nansen said on X. "They further clarified that while all these impacted users had their email addresses exposed, only a subset faced exposure of password hashes. A smaller fraction among these also had their blockchain addresses revealed."

Immediate Response

Nansen quickly sent emails to notify affected users, emphasizing the need for them to reset their passwords as a preventive measure. Although these passwords were encrypted, Nansen still advises a change to thwart brute-force attempts.

They also warn of potential phishing attacks, especially since attackers now possess user email addresses and related crypto-asset information.

Recommendations

Nansen said those who didn't receive an email from the company remain unaffected by this breach. However, the company strongly recommends that all users consider a password reset as a precaution.

With the investigation still in progress, more details surrounding the incident might emerge. Meanwhile, the firm's primary advice for users is to remain vigilant, change passwords, and be on high alert for phishing campaigns.