Liquid, one of the largest cryptocurrency exchange by volume, has disclosed a security breach, which exposed its customers’ personal information, possibly including names, addresses and encrypted passwords.
According to a blog post on Liquid’s website, the incident took place last week, on Friday 13.
“On the 13th of November 2020, a domain name hosting provider that manages one of our core domain names incorrectly transferred control of the account and domain to a malicious actor. This gave the actor the ability to change DNS records and in turn, take control of a number of internal email accounts. In due course, the malicious actor was able to partially compromise our infrastructure, and gain access to document storage,” Mike Kayamori, CEO of the cryptocurrency exchange explained.
He went on to say that the attack was intercepted and contained before the intruder stole any funds, but further investigation revealed that the attacker was able to harvest personal data fr om Liquid's database wh ere user information was stored. It is not clear whether the malicious actor also obtained access to personal documents provided for KYC such as ID, selfie and proof of address.
Liquid is not the first cryptocurrency service that fell victim to a DNS hijacking attack. In June 2020, hackers obtained access to Coincheck's DNS records and modified the records to forward incoming emails to them.