Crypto Exchange Liquid Says User Data Possibly Exposed in Security Breach

Customers registered with the Liquid exchange may have had their data exposed to bad actors, the company said Wednesday.

• In a notice on its website, Liquid CEO Mike Kayamori said the attack occurred on Friday, Nov. 13.
• "A domain name hosting provider that manages one of our core domain names incorrectly transferred control of the account and domain to a malicious actor," he said.
• The access allowed the intruders to change DNS records and then take control of "a number of internal email accounts."
• Ultimately, they were able to "partially compromise" the exchange's infrastructure and access stored documents.
• Kayamori said the attackers may have been able to obtain data such as users' emails, names, addresses and encrypted passwords.
• Liquid is currently investigating whether the attacker also accessed identity documents and photos submitted for know-your-customer verification.
• As soon as the intrusion was noticed, Liquid "intercepted and contained the attack," the CEO said.
• It also regained control of its domain and carried out a "comprehensive review of our infrastructure."
• "We can confirm client funds are accounted for, and remain safe and secure. MPC-based and cold storage crypto wallets are secured and were not compromised," Kayamori said.
• He recommended users change their passwords and 2FA credentials, and be wary of possible phishing attempts to use their data.

Also see: Over $280M Drained in KuCoin Crypto Exchange Hack