Fractal ID, the decentralized identity startup and Know-Your-Consumer (KYC) verification provider has disclosed how the company came to suffer data security breach on July 14. In an analysis of the incident, about 0.5% of users in the Fractal ID’s database, equivalent to approximately 6,300 affected users.
The data affected by the breach include names, phone numbers and email addresses, home addresses, wallet addresses and images as well as files containing images and photos uploaded into the network.
Fractal ID Breach Details and Impact
According to its website, Fractal ID which is based in Berlin is a service provider to over 250 companies including notable ones such as Ripple, Polygon and Near. As per the data compromised on its network, the hacker took advantage of a loophole in an employee’s account to gain access to the system.
Notably, his malicious actor using the employee’s administrator-level clearance to the system was able to operate undetected for almost half an hour before an automated system alerted an engineer. The hacker within the 30 minutes time frame, bypassed internal data privacy systems to achieve his malicious intent.
Response and Mitigation Measures
As it is typical of malicious actors, Fractal ID states that an individual who claimed to be responsible for the hack made a ransom demand which they declined. Instead, the company alerted the Berlin cybercrime law enforcement agency. Additionally, users affected by the attack were notified of the data breach.
Meanwhile, to prevent future occurrence, Fractal ID says it has triggered a mechanism meant to restrict accounts that have access to sensitive data. The system will also prevent login requests from unknown IP addresses.
Root Cause and Future Prevention
According to researchers at Hudson Rock, a cybercrime intelligence firm, the employee’s account through which the hacker gained access was infected back in 2022. As per their analysis, after the computer was infected, the victim maintained his password and did not initiate a change, thus granting the hacker easy access.
In a postmortem post, Fractal ID noted: “The operator didn’t follow our opsec policies and training. We have put technical measures in place to ensure these cannot be sidestepped by any operators in the future. This was not the result of a software vulnerability.”
There has been an upsurge in the number of scams this July with the most recent being the WazirX incident and a follow up by malicious actors seeking to profit from it through phishing attacks.
The post Fractal ID Breach Linked to 2022 Employee Password Reuse appeared first on Latest News and Insights on Blockchain, Cryptocurrency, and Investing.