Nansen Users’ Password Hashes Stolen in Security Incident
Nansen, an on-chain analytics platform, has experienced a security incident involving its third-party vendors. As a result, the company is urging affected users to reset their passwords immediately.
The Breach and Investigation
Nansen was notified by one of its third-party vendors on September 20 that their systems had been compromised. The attacker gained unauthorized access through an account used to provision customer access to Nansen’s platform. However, the company was able to stop the unauthorized access shortly after discovering it and launched an immediate investigation into the incident.
Data Accessed and Impact
Due to the breach, the hackers were able to access email addresses, blockchain addresses, and password hashes of Nansen users. Approximately 6.8% of Nansen customers were impacted by this security incident.
Third-Party Vendor and Transparency
Although Nansen did not disclose the name of its third-party vendor, it revealed that Fortune 500 companies utilize their services. Nansen has also requested its vendor to publicly disclose the breach. The company’s transparency in handling the incident has been appreciated by community members.
Criticism and Previous Funding
While some praised Nansen for its transparency, others criticized the company for shifting blame onto its third-party vendor. In terms of funding, Nansen raised $12 million in a Series A round led by Andreessen Horowitz in June 2021 and later secured $75 million in a Series B round in December 2021. However, due to the crypto bear market, Nansen reduced its headcount by 30% in May 2023.
Hot Take: Lessons Learned from Nansen’s Security Incident
Security incidents are an unfortunate reality in the crypto ecosystem. Nansen’s recent breach serves as a reminder of the importance of robust security measures and constant vigilance. It highlights the need for companies to not only secure their own systems but also thoroughly vet and monitor the security practices of their third-party vendors. Additionally, Nansen’s transparency in promptly addressing the incident and notifying affected users is commendable, as it helps build trust within the crypto community. Nonetheless, this incident emphasizes the ongoing challenge of maintaining strong cybersecurity in an ever-evolving threat landscape.
By
By
By
By