- A minor security incident occurred at Bitfinex where a customer support agent was phished, allowing limited access to some customer data. No funds were lost.
- Bitfinex contained the breach quickly, is contacting affected customers, and is working with law enforcement to find the perpetrator.
- While some customer data was exposed, no wallets, servers, or databases were compromised. Bitfinex says its systems remain secure.
Bitfinex, a digital asset trading platform, announced that it has resolved a minor information security incident discovered earlier this week. The exchange stated that no customer funds were lost and law enforcement has been notified.
Details of the Incident
A small portion of Bitfinex’s customer support boards, which held partial incomplete and stale information, was accessed by an individual or group through the phishing of a customer support agent. The agent did not have senior permissions and therefore had only limited access to supporting tools and helpdesk tickets.
None of Bitfinex’s systems were compromised and there was no loss of customer funds. No server, wallet or database infrastructure was accessed.
Aftermath
Bitfinex is continuing to review the incident and the compromised information. The exchange is in the process of contacting all affected customers, most of whom had empty or inactive accounts.
Bitfinex has a strong track record of working with law enforcement to secure convictions against individuals who have attempted to attack its operations. The exchange regularly reviews its security procedures and requires all personnel to undergo mandatory cybersecurity training.
Conclusion
While a minor security incident occurred, Bitfinex acted swiftly to contain it. No customer funds were lost and the exchange is working with authorities to track down the perpetrator. Bitfinex remains committed to providing a secure trading platform for its customers.
