[BreachExchange] Hotbit Crypto Exchange Confirmed It’s Hacked – Customers’ Personal Data Exposed

[Destry Winant]

https://latesthackingnews.com/2021/05/03/hotbit-crypto-exchange-confirmed-its-hacked-customers-personal-data-exposed/

Another security disaster from the cryptocurrency business has surfaced
online. This time, the Hotbit crypto exchange has admitted service
disruptions as some attackers hacked into its network. While they assure
the customers’ funds remained safe, their personal information suffered a
breach.

Hotbit Crypto Exchange Hacked

The Chinese cryptocurrency exchange admitted to having suffered a cyber
attack. As revealed, some unknown attackers hacked into the Hotbit crypto
exchange network causing massive disruption.

Sharing the details of the incident, the exchange explained that the attack
happened on April 29, 2021. The attackers attempted to access the
exchange’s hot wallets. However, after failing to do so, they deleted the
service’s database.

It means that the users’ funds remained safe, as Hotbit also confirmed via
their tweet.

However, they may have suffered a data breach exposing customers’ personal
information. Regarding the breached information, their update post reads,


"The attacker has already gained access to the database, so your
registration phone number, email address and asset data might have leaking
risk. However, the password and 2FA key are encrypted so theoriotically
[sic] should be safe. But from the security point of view, if your account
and password on another website or app are the same as Hotbit’s, it is
safer to change the password now. "


Following the attack, their services went down, including their website.
Until the time of writing this article, their site displays the following
message with a single link to their security update page.

Given the huge user base of over 2 million users, Hotbit had set up a huge
network of over 200 servers.

However, following the cyber attack, the exchange has decided to rebuild
the infrastructure for security reasons. Hotbit admitted to having suffered
a huge blow with this incident.

We must admit that this is the biggest setback of Hotbit since the
establishment on January 2018.

Also, the exchange requires time to retrieve the data from their backups.

Thus, Hotbit has given an estimated time of 7 to 14 days for service
restoration. Meanwhile, they have asked the users to stay wary of any
phishing attacks.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.riskbasedsecurity.com/pipermail/breachexchange/attachments/20210505/bff16d06/attachment.html>