Passwords and other sensitive data belonging to 1.4 million GateHub cryptocurrency wallet users was dumped online, a new report has revealed. The data was accessed after a breach on the wallet some months ago which the company revealed. The report has revealed that the hackers were able to access email addresses, passwords, mnemonic phrases and more.
The Ars Technica report revealed that the breach also affected EpicBot, a bot provider for the popular online game RuneScape. Altogether, the hackers dumped data for over 2.2 million users of both platforms on RaidForums, a widely visited hacker site.
GateHub was been the unfortunate target of a number of hacker attacks. In June, hackers managed to get access to 100 XRP Ledger wallets on the platform, and got away with over $10 million. However, it was in a second breach when the attackers were able to access sensitive user information including email addresses and passwords.
GateHub came out at the time of the hack and confirmed that information belonging to just over 18,000 users had been accessed. The company revealed that it had contacted the affected users and advised them to change their credentials. However, according to the latest report, the breach had been grossly downplayed, from the number of affected accounts to the extent of the information that the hackers accessed.
According to the report, “rather than obtaining only access tokens, the attackers also took 2FA keys, email addresses, password hashes, mnemonic phrases, and possibly wallet hashes.”
Despite the recent data dump, GateHub insists that it wasn’t as bad as thought. In an email, a member of the company’s security team stated that “the alleged GateHub database is being thoroughly examined by our team, therefore, we are unable to confirm its authenticity at this time.”