Cryptocurrency exchange Liquid has confirmed that on November 13 a hacker gained access to the company’s domain records, allowing the them to take control of several employee email accounts, and later compromised the company’s network.
Cryptocurrency exchange Liquid has confirmed that on November 13 a hacker gained access to the company’s domain records, allowing the them to take control of several employee email accounts, and later compromised the company’s network.
Information Security Buzz (aka ISBuzz News) is an independent resource that provides the experts comments, analysis and opinion on the latest Information Security news and topics
Another large exchange was hacked, due to a third party KYC data partner which was not secure. And while this can and does happen, there are steps that can be taken to minimize damage from the start. Regulators mandate that cryptocurrency exchanges collect and maintain KYC data, but choosing the right solutions provider matters. It is important to implement solutions that not only perform KYC, but that can also maintain KYC for exchanges, enabling them to have access to data without storing it. However, they must ensure that their KYC providers and their data partners are extremely secure. SOC-2 and PCI are examples of credentials that should be sought in a provider along with data protection in place.