Bitfinex Responds to Minor Security Breach: User Protection Assured
Bitfinex, a cryptocurrency exchange, disclosed a recent security incident involving the unauthorized access of certain customer support boards by an individual or group via a phishing attack on a support agent.
This breach occurred between October 30 and November 5 and resulted in a series of phishing attempts on Bitfinex users. However, the impact was limited, as explained in the company’s statement on November 4.
According to Bitfinex, the accessed support boards contained outdated and incomplete information, and the compromised agent did not possess elevated permissions or access to critical tools or help desk tickets, mitigating the potential damage.
Bitfinex emphasized that despite this breach, their systems remained uncompromised, and no customer funds were compromised. They clarified that their server, wallet, and database infrastructure remained untouched, assuring users that their assets and password information were not at risk. Furthermore, most affected customer accounts were either empty or inactive.
While the issue has been resolved, Bitfinex is conducting a comprehensive review of the incident and the compromised information. The company is actively engaging with affected customers and has reported the incident to law enforcement. They are collaborating with investigative authorities to identify and pursue the individual or group responsible for the phishing attack.
Bitfinex underscored its commitment to security, highlighting its past success in prosecuting individuals attempting to compromise their operations. They also mentioned their regular security protocol reviews and the mandatory cybersecurity training for all employees despite this incident occurring.