The recent breach involving 1,590 CoinStats crypto wallets was orchestrated by exploiting a CoinStats employee. On June 22, CoinStats, a cryptocurrency portfolio manager, temporarily halted its services upon detecting an ongoing attack targeting its wallets. A swift and proactive response managed to restrict the hacker’s access to just 1.3% of all CoinStats wallets, resulting in a $2 million loss.
Source:
Narek Gevorgyan
Five days later, on June 26, CoinStats CEO Narek Gevorgyan disclosed the outcomes of an internal investigation, highlighting social engineering as a prevalent tactic used by hackers to manipulate victims and seize control of computer systems.
CoinStats has temporarily shuttered its website as it addresses the security matter. Source: CoinStats
While Gevorgyan’s statement did not explicitly assure reimbursements for affected parties, the company intends to outline a comprehensive action plan following a thorough post-mortem analysis.
Some members of the community have reported significant losses due to the breach. For instance, Blurr.eth purportedly lost 3,657 Maker (MKR) tokens valued at around $8.7 million.
Source:
Wu Blockchain
Nevertheless, the company has not yet acknowledged these allegations.
Related:
1,590 CoinStats crypto wallets ‘affected’ in security breach
Security breaches have increasingly become a concern among cryptocurrency service providers. On June 5, CoinGecko, a cryptocurrency data aggregator, experienced a breach through its third-party email management platform, GetResponse. Similar to the CoinStats incident, the breach at CoinGecko stemmed from a compromised employee account, according to the company’s announcement on June 7:
The compromised data includes users’ names, email addresses, IP addresses, location of email opens, and other metadata such as sign-up dates and subscription plans.
Magazine:
Polkadot’s Indy 500 driver Conor Daly: ‘My dad holds DOT, how mad is that?’