Hdr_About.jpg

Detail Analysis

link.png

Date:

Status:

Count:

Contributor:

November 13, 2020

info.png

Verified

2

zerofriction.io

Loss Amount:

-

info.png

Recovered Amount:

-

Currency:

Dollars

KYC By:

Audit By:

None

None

info.png

Website:

Twitter:

No data

Discord:

No data

Telegram:

No data

Medium:

No data

Github:

No data

info.png

Key Indicators

Platform:

Type:

Category:

Method:

Exchange

Assets

Loss of Privacy

Extended Method:

Data leak

Data Sources:

info.png

Mike Kayamori, CEO of cryptocurrency exchange Liquid, posted a notice on the official website that a data leakage security incident occurred on the exchange on November 13. A domain hosting provider that manages a core domain name mistakenly transferred control of the account and domain name to a malicious intruder, allowing it to change DNS records, thereby controlling a large number of internal email accounts, and being able to partially damage the exchange’s Infrastructure and gain access to stored documents. After detecting the intruder, immediate action was taken to intercept and contain the attack to prevent further intrusions and reduce the risk of customer accounts and assets, while conducting a comprehensive review of the infrastructure. It can be confirmed that the customer's funds are safe, and the cold wallet based on MPC (Multi-Party Computing Protocol) is safe and has not been damaged. The relevant regulatory agencies have been notified of the intrusion and will continue to communicate in the next few days. The attacker may have obtained the user's email, name, address, and password. At present, Liquid is investigating whether the attacker has accessed the identity documents and photos submitted to KYC for verification, and will provide updates after the investigation.Liquid announced the final findings on January 20, 2021. Liquid stated that 169,782 items of user data including email addresses, names, encryption passwords, API keys, etc. have been leaked. Among them, the personal information that may be accessed illegally is the user who went through the KYC process before October 2018, such as the user's ID card, self-portrait picture, proof of address and other identity verification documents 28,639.

info.png

DISCLAIMER: While Zero Friction LLC has used the best efforts in aggregating and maintaining this database, Zero Friction LLC makes no representations or warranties with respect to the accuracy or completeness, and specifically disclaim any implied warranties of merchantability or fitness for any particular purpose. 

Under no circumstances, shall Zero Friction LLC be liable for any loss of profit or funds, any regulatory or governmental penalties, any legal costs, or any other commercial and non-commercial damages, including but not limited to special, incidental, consequential, or other damages from any or all usage of the dataset or information derived from our database.