Consensys Confirms 7,000 MetaMask Users Affected in Recent Breach

Key Points:

• Thousands of MetaMask users were targeted in a personal data breach.
• An estimated 7,000 individuals had private information compromised.
• Users may be targeted in future phishing scams.

Consensys announced on Friday that thousands of MetaMask users had their personal data breached after contacting customer support over an 18-month period.

The blockchain software company disclosed that approximately 7,000 individuals had their private information, including email addresses, compromised between August 2021 and February 2023. According to Consensys, MetaMask’s browser extension and mobile app users were not affected by the breach.

The data breach occurred when fraudsters targeted a third-party service provider that MetaMask uses to create customer support tickets, Consensys explained. As a result, unauthorized actors gained access to the third-party service provider’s systems, enabling them to seize personal data belonging to MetaMask users who had submitted their data to the company’s customer support. Although the compromised data mostly included “limited” personal information required for identifying customers for support needs, users may also have shared additional information in the chat function that was seized.

Consensys has since put a stop to the unauthorized access, and the threat is no longer ongoing. However, the company acknowledged that affected users may still be targeted in future phishing scams. As such, users are urged to remain vigilant for any suspicious activity and unsolicited contacts that may be made to them by phone, text, email, or instant message. If users are suspicious of any request or message, they are advised not to open it, do not reply or click any links, and delete it immediately.

It should be noted that the security breach occurred as there is a rise in crypto-related phishing attempts and schemes. In 2022, there was a 40% increase in phishing attacks year-over-year, according to data from cybersecurity firm Kaspersky Lab. To mitigate these risks, Consensys has reported the incident to the Data Protection Commission of Ireland and the Information Commissioner’s Office in the UK.

DISCLAIMER: The Information on this website is provided as general market commentary and does not constitute investment advice. We encourage you to do your own research before investing.

Join us to keep track of news: https://linktr.ee/coincu

Annie

Coincu News