Crypto exchange Bitfinex has reported a minor information security incident that occurred between October 30 and November 5. The incident involved a customer support agent being hacked, leading to a series of phishing attacks against Bitfinex users. Despite this, the firm reassured users that little damage was done.
According to Bitfinex, the attacker gained access to a small portion of their customer support boards, which contained partial, incomplete, and stale information. Fortunately, the compromised support agent did not possess senior permissions, limiting their access to supporting tools and help desk tickets. The exchange emphasized that its systems remained uncompromised, and no customer funds were lost during the incident.
Bitfinex clarified, stating, “No server, wallet, or database infrastructure was accessed.” Additionally, customer assets on the platform were never at risk, and password information was not accessible. Most of the affected customer accounts were either empty or inactive.
Bitfinex’s Ongoing Review and Collaboration with Authorities
While Bitfinex declared the issue as resolved, the company continues to investigate the incident and the compromised information. They are actively reaching out to affected customers and working closely with law enforcement and investigative authorities to identify the perpetrator behind the phishing attack.
The exchange affirmed its commitment to security, highlighting its successful track record in securing convictions against individuals attempting to attack their operations in the past. The incident serves as a reminder of the constant need for vigilance and cybersecurity training, even for companies with robust security procedures in place.
