Leading cryptocurrency exchange Huobi has addressed a significant data breach that leaked the contact details of 4,960 users.
The breach occurred due to improper operations in the testing environment of Huobi’s Japanese AWS site on June 22, 2021. A white hat hacker first notified Huobi about the issue in June 2022. However, the response time to rectify the issue faced some delay.
According to the report, the breach involved the exposure of credentials granting write privileges to Huobi’s AWS S3 buckets. These buckets were linked to all of Huobi’s login pages, and the breach could have potentially affected every Huobi user over the past two years.Â
Exposed data included user contact details, account balances, data on ‘crypto whales,’ and over-the-counter (OTC) trade data.
Huobi, which handles over $10 billion in monthly trading volume, has stressed that no user accounts or funds were compromised during the breach. On June 20, the company promptly deleted and secured the compromised account and cloud storage, and no evidence suggests the breach was used for any nefarious attack.
Despite the potential severity of the breach, Huobi’s response effectively secured the exposed cloud storage, once again highlighting the importance of robust security measures in the digital currency industry.
Also Read: Huobi Token Tanks 90%, Justin Sun Affirms Funds are ‘Safe’