Huobi leaked user data for two years


Cryptocurrency exchange Huobi has fixed a data breach that has reportedly put users’ assets at risk since June 2021. White hacker Aaron Phillips drew attention to this.

According to him, the violation was related to the disclosure of credentials that give write access to all baskets of Huobi AWS S3 cloud storage. Phillips first notified the exchange of the incident in June 2022.

“Anyone with access to the credentials could change content on Huobi domains, including and User data and internal documents were also exposed to the risk of disclosure,” the researcher said.

Phillips claims that the severity of the hack was significant and could have resulted in “the biggest theft of cryptocurrencies in history.” However, he found no evidence that the breach was used to carry out the attack.

The hacker highlighted the vulnerability of content delivery networks (CDNs) and Huobi sites that could lead to the injection of malicious scripts. According to him, CDNs could have compromised every Huobi login page, potentially affecting every user who has logged into the Huobi website or app over the past two years.

“Users risked losing their account and crypto assets and exposing sensitive information such as contact details and account balances, including Huobi OTC trading data,” Phillips added.

Representatives of the exchange said in a comment to The Block that their specialists deleted the compromised account, closed file permissions and protected the cloud storage on June 21. At the same time, the contact information of 4960 clients of the trading platform got into open access.

“The leak does not include sensitive information and does not affect user accounts or the security of funds. The incident occurred on June 22, 2021 due to staff mismanagement related to an S3 bucket in the test environment of the Japanese AWS Huobi site. Relevant user information was completely isolated on October 8, 2022,” Huobi noted.

The company emphasized that the Japanese exchange website and the global platform are not connected.

Recall that in December 2022, the Gemini cryptocurrency exchange reported a leak of user data as a result of a series of phishing attacks.

Found a mistake in the text? Select it and press CTRL+ENTER

ForkLog Newsletters: Keep your finger on the pulse of the bitcoin industry!


Leave a Reply