2 years ago
A fig of MetaMask users person had their email addresses exposed done a caller information leak, according to genitor institution ConsenSys connected April 14.
MetaMask experiences information leak
ConsenSys said that the contented affected a tiny information of MetaMask users who submitted lawsuit enactment tickets betwixt August 1, 2021, and February 10, 2023.
About 7,000 users were affected by the information leak, the institution said.
The affected enactment forms lone explicitly requested idiosyncratic email addresses, meaning that this lone the lone information that needfully leaked. However, ConsenSys besides noted that users whitethorn person entered different idiosyncratic accusation successful different signifier fields.
The onslaught was aimed astatine a third-party work that ConsenSys uses to grip its lawsuit enactment tickets. It did not impact the MetaMask wallet bundle itself.
ConsenSys said that unauthorized entree has been revoked and assured users that the “threat is nary longer on-going.” It said that it has reported the incidental to authorities and noted that it continues to prosecute with the enactment provider, which is investigating the issue.
ConsenSys did not disclose the sanction of its enactment provider.
Email code leaks, phishing are common
Numerous crypto companies person experienced email code leaks successful caller years.
Notably, crypto speech BitMEX leaked 30,000 email addresses successful 2019. Later, the hardware wallet steadfast Ledger leaked definite idiosyncratic information including email addresses successful 2020. Celsius and OpenSea saw email addresses leaked successful interrelated attacks successful 2022.
Email code leaks bash not supply immoderate mode for attackers to straight entree the target’s wallet. However, attackers tin usage email addresses successful phishing scams that instrumentality wallet users into exposing their relationship information and login information.
In fact, MetaMask users are predominant targets of phishing scams. This twelvemonth alone, the wallet has seen one different phishing campaign and warned of a possible second.
As such, MetaMask users should beryllium wary of immoderate emails received successful the adjacent future.
The station MetaMask email code leak affects 7,000 users appeared archetypal connected CryptoSlate.
English (US) 