Crypto analytics platform Nansen reported a security breach this morning, noting that some users’ blockchain addresses and password hashes had been exposed, along with email addresses.
In a public letter, the analytics firm wrote that the breach had occurred after one of its third-party vendor’s systems were compromised. A preliminary investigation revealed that 6.8% of its user base was affected, with their email addresses exposed. The report added that a smaller subset of password hashes and blockchain addresses of some accounts were also exposed.
The breach occurred because the online system of a third-party vendor “used by many Fortune 500 companies” was compromised, according to Nansen, which did not name the vendor.
🚨 Important update from us at Nansen. Please take a moment to read this. pic.twitter.com/syKE0sNnC6
— Nansen 🧭 (@nansen_ai) September 22, 2023
The firm notified affected users yesterday through mail, advising them to change their passwords as other applications with the same email address and password could be at risk.
Some Nansen users tweeted about receiving an email alert from the firm yesterday.
I have 2 accounts on @nansen_ai and received 2 of these emails the last hour. Phishing or is my pc controlled? (these are 2 different emails on 2 different accounts) pic.twitter.com/muXD9tdwhu
— Zoomer Oracle (@ZoomerOracle) September 21, 2023
The company stated that it is conducting a full investigation with the vendor and external legal advisors, and is “committed to communicating as transparently as we can with our users.”