Nansen Discloses Third-Party Vendor Security Breach

Home » News

Reading time icon 2 min. read

Calendar icon Updated on

by Dejan Cvetnarevic 

updated on

Share this article

Readers help support VPNCentral. We may get a commission if you buy through our links. Tooltip Icon

Read our disclosure page to find out how can you help VPNCentral sustain the editorial team Read more

nansen discloses third-party vendor security breach

Nansen has confirmed that an attacker managed to gain access to its user information through a third-party vendor.

The blockchain analytics platform warned users that phishing attacks may be coming.

Best VPNs we've tested and recommend:
Editor's Choice
Private Internet Access

Access content across the globe at the highest speed rate.

70% of our readers choose Private Internet Access

70% of our readers choose ExpressVPN

ExpressVPN

Browse the web from multiple devices with industry-standard security protocols.
Nord VPN

Faster dedicated servers for specific actions (currently at summer discounts)

Nansen Security Breach – what happened?

Nansen reported that one of its third-party vendors had its systems compromised on Wednesday.

The attacker managed to gain admin rights to an account from which the vendor provisioned access to the platform.

The breach gave the threat actor access to user information including:

  • Email addresses
  • Password hashes
  • Blockchain addresses

According to the company’s preliminary investigations, the breach impacted 6.8% of users.

However, Nansen said most victims only had their email addresses stolen. Hackers only gained access to smaller groups’ password hashes and blockchain addresses.

Nansen has since reached out to the affected users. The company asked them to change their passwords and do the same on other platforms where they use the same credentials.

In addition, it advised them to be wary of potential phishing attacks and double-check emails claiming to be coming from Nansen.

Some users have already confirmed on Twitter that they’ve got their email alerts.

The crypto analytics company didn’t reveal which of its vendors experienced the breach. It only said it’s a reputable organization that many Fortune 500 businesses rely on to manage their customer data.

Nansen has, however, asked the third-party vendor to disclose the breach.

Last week, Fortress Trust confirmed experiencing a similar incident after one of its third-party vendors suffered a phishing attack.

It also said the vendor works with many Fortune 500 businesses. Retool was later named as the company that had its systems broken into.

Fortress Trust also confirmed it lost up to $15 million (mostly in Bitcoin) in the attack.

The breach happened just before Ripple took over the company, accelerating the acquisition process.

Dejan Cvetnarevic

Dejan Cvetnarevic Shield

Gaming and Streaming Expert

Dejan finds working for VPNCentral to be the perfect way to combine two of his biggest passions - writing and tech. He’s a cybersecurity expert who’s always researching the next new thing and sharing his findings with people online. Also an avid gamer, he checks out every new release and tests hardware with much joy.

User forum

0 messages