ChainBleed v0.1 · open intel
INFRASTRUCTURE · 2020-11-13
Incident · SLOWMIST

Liquid

Information Leakage
Estimated loss
VERDICT — OUT OF SCOPE
Root cause is infrastructure (DNS / cloud / database / third-party API) compromise, not on-chain contract logic. Pre-deployment source review would not surface this; coverage belongs to cloud-security and supply-chain audit, a separate discipline.
▰ METHOD
INFRASTRUCTURE
Root cause

Root-cause analysis not yet published. The incident description below contains all currently available signal — review the attack transaction directly for definitive forensics.

Forensic narrative

Mike Kayamori, CEO of cryptocurrency exchange Liquid, posted a notice on the official website that a data leakage security incident occurred on the exchange on November 13. A domain hosting provider that manages a core domain name mistakenly transferred control of the account and domain name to a malicious intruder. This allowed the intruder to change DNS records and thereby take control of a large number of internal email accounts, partially compromise the exchange's infrastructure and gain access to stored documents.

After detecting the intruder, Liquid took immediate action to intercept and contain the attack, to prevent further intrusions and to reduce the risk to customer accounts and assets, while conducting a comprehensive review of the infrastructure. It can be confirmed that customer funds are safe, and that the cold wallet based on MPC (Multi-Party Computing Protocol) is safe and has not been compromised. The relevant regulatory agencies have been notified of the intrusion, and communication will continue over the next few days. The attacker may have obtained users' email addresses, names, addresses, and passwords. At present, Liquid is investigating whether the attacker accessed the identity documents and photos submitted for KYC verification, and will provide updates after the investigation.

Liquid announced the final findings on January 20, 2021. Liquid stated that 169,782 items of user data, including email addresses, names, encrypted passwords, API keys, etc., were leaked. Among them, the personal information that may have been accessed illegally belongs to users who went through the KYC process before October 2018, such as the user's ID card, self-portrait picture, proof of address and other identity verification documents, a total of 28,639.

Attack method (per SlowMist): Information Leakage. Reported loss: -.

Primary source
https://blog.liquid.com/security-incident-november-13-2020
Sourced from
slowmist
Technical record
chain:
protocol: Liquid
bug_class: infrastructure
date_occurred: 2020-11-13
loss_usd:
source_id: sm:liquid::2020-11-13