Bitfinex recently encountered what it described as a “minor” security incident, stemming from a hacking attempt against one of its customer support agents. This incident led to several users becoming targets of phishing attacks.
The cryptocurrency exchange reported that the security breach took place between October 30 and November 5, as detailed in a recent press release. Bitfinex moved to reassure its customers, stating that the impact of the incident was minimal, and there was no substantial harm incurred.
The security breach resulted from a phishing attack targeting a customer support agent who had access to partial information.
Thankfully, the compromised customer support agent did not possess senior-level permissions and had only limited access to supporting tools and help desk tickets, as confirmed by Bitfinex.
The exchange underlined that its systems remained unbreached, and no customer funds were compromised during the incident.
Bitfinex stated, “At no time were customer assets on the platform at risk, nor was password information accessible.”
It further mentioned, “Most of the affected customer accounts were empty or inactive. We are continuing to review the incident and the compromised information. We are in the process of contacting all affected customers.”
Bitfinex Claims the Issue is Resolved
Bitfinex has officially declared the issue as resolved in their announcement.
Nevertheless, the exchange confirmed that they are continuing their investigation into the incident, assessing the compromised information, and reaching out to affected customers.
Bitfinex also noted that they have reported the breach to law enforcement authorities and are actively cooperating with investigative agencies to identify and apprehend the perpetrator responsible for the phishing attack.
The exchange emphasized their track record of successfully securing convictions against individuals who have attempted to attack their operations in the past.
Bitfinex added that they consistently review their security protocols and provide cybersecurity training to all employees as part of their efforts to prevent such incidents from occurring in the future.
Bitfinex, established in Hong Kong in 2012, has become a prominent player in the cryptocurrency industry. With Jean-Louis van der Velde serving as CEO since 2013, the exchange has climbed to the 17th position in CoinGecko’s “Trust Score” index among all cryptocurrency exchanges.
In just the past month, Bitfinex has recorded over 800,000 visits to its platform, indicating substantial user activity.
The security incident at Bitfinex occurs in the context of ongoing challenges related to hacks and scams in the cryptocurrency industry. According to a report by blockchain security platform Immunefi, there were 76 hacks targeting crypto and Web3 projects and companies in Q3 2023, a notable increase compared to the 30 hacks reported during the same period in 2022.
Collectively, approximately $332 million has been lost to various exploits, hacks, and scams throughout September, marking a record-high month for cryptocurrency-related security incidents.