Breaches Hit Over Two Million Gamers and Crypto Wallet Users

Written by

Over two millions users of a gaming company and a cryptocurrency specialist have become the latest "netizens" to have their personal data compromised by attackers.

The haul includes 1.4 million accounts from users of cryptocurrency wallet service GateHub, which were posted to a popular hacking forum, according to the breach notification site HaveIBeenPwned?

The firm had previously acknowledged a June breach, although a “final statement” on the incident it posted a month later claimed that hackers had only been able to gain access tokens for 18,473 encrypted customer accounts.

“After the suspicious API calls were detected, we immediately disabled all access tokens which successfully blocked the perpetrator from gaining access to more accounts,” it said at the time.

“Due to an increased number of cyber-attacks on crypto-exchanges in the recent months, we have decided to take additional steps to safeguard GateHub accounts. As a precaution, we are generating new encryption keys and re-encrypting all sensitive information such as XRP ledger wallets secret keys on all accounts upon next sign-in. Behind the scenes, we are taking other precautions as well.”

It would appear as if the size of this breach was much bigger than at first thought. HaveIBeenPwned said that compromised data included email addresses, mnemonic phrases, wallet hashes and passwords stored as bcrypt hashes.

Data on 817,000 subscribers to RuneScape bot provider EpicBot was uploaded to the same hacking forums from a September breach at the firm. Compromised details included usernames, email and IP addresses and passwords stored as either salted MD5 or bcrypt hashes, according to HaveIBeenPwned.

Jason Kent, hacker-in-residence at Cequence Security, warned users of both sites of follow-on phishing attacks, especially in the run-up to the Black Friday sales weekend.

"A list of cryptocurrency exchange customers means that targeted phishing attacks aimed at account takeover should be expected,” he argued.

“This combined with standard password reset attempts and other account takeover techniques could result in these exchange members losing their cryptocurrency altogether. The richer the data, the more targeted the attack can become.”

What’s Hot on Infosecurity Magazine?