QuickBit Confirms Security Breach Exposed Details of Over 300,000 Customers

Neil Dennis

22 Jul 2019
/
In #Security

QuickBit, a cryptocurrency exchange listed in Sweden, confirmed on Monday reports of a security breach that left many of its customer records exposed.

Reporting for Comparitech, tech writer Paul Bischoff claimed that a database containing more than 300,000 customer records was left open so “anyone online could view its contents”.

QuickBit sells cryptocurrency to customers who are able to pay for purchases with credit cards. Although some of these details could be seen, the company insisted in an update on its blog that full card information was not exposed.

Third-Party System Delivery

The security breach occurred during the delivery of a new third-party supplied system for customer screening. QuickBit said in a press release:

In connection with the delivery of this system, it has been on a server that has been visible outside QuickBit's firewall for a few days, and thus accessible to the person who has the right tools.

The database included information about customers’ names, addresses, email details and truncated credit card information [first six and last four digits] for “approximately 2% of Quickbit’s customers – around 300,000 people, according to Bischoff’s report.

No Harm to Company or Customers

QuickBit stressed the following details had not been included in the security breach:

No passwords or social security numbers have been exposed
No complete account or credit card information has been exposed
No cryptocurrency or keys for this have been exposed
No financial transactions have been affected

It added:

QuickBit's technicians have immediately taken steps to ensure that all servers are protected behind firewalls, and prevent the possibility of similar incidents. We want to emphasize that the data that has been accessed cannot be used to harm either the company or its customers.

How it Happened

Bischoff, along with security researcher Bob Diachenko, discovered that a MongoDB database – a specially developed system for handling documentation – had been left exposed on July 2 and immediately notified QuickBit by email. The database was pulled offline within 24 hours of this notification.

While QuickBit insisted its customers were safe and that their full credit card numbers had not been exposed, fraudsters can use some of the personal information that was available to conduct phishing attacks and could make hacking attempts easier.

QuickBit said the supplier of the third-party system was involved in assessing data security and that it would publish a public version of the incident report on its website shortly.

Disclaimer

The views and opinions expressed by the author, or any people mentioned in this article, are for informational purposes only, and they do not constitute financial, investment, or other advice. Investing in or trading cryptoassets comes with a risk of financial loss.

QuickBit Confirms Security Breach Exposed Details of Over 300,000 Customers

Third-Party System Delivery

No Harm to Company or Customers

How it Happened

Disclaimer

Related Articles

TON Foundation Launches USDT on Telegram’s Integrated Blockchain: A Milestone for Global Crypto Payments

Bitcoin Halving 2024: ‘I Think This Is a Buy-the-News Event if You Pan Out Long Term’, Says Bitwise CIO

DeFi’s Explosive Start to 2024: OnChain Report Reveals Key Growth Drivers

You Might Like

Most Read

Mainland Chinese Investors Likely Barred from Hong Kong’s Spot Bitcoin and Ether ETFs, Say Bloomberg Analysts

Bitcoin Price Falls as Fed Chair Powell Expresses Caution on Rate Cuts

Solana Whales See Blood in the Water and Enter Memecoin Buying Spree

Bitcoin Halving 2024: ‘Explosive Cocktail’ from Reduced Supply and Spot ETF Demand, Says Nexo Co-Founder

AI Will Need ‘Trillions’ of Dollars of Investment in Infrastructure, Says BlackRock CEO Larry Fink