The recent cyberattack on CoinStats’ crypto wallets, which resulted in the compromise of 1,590 wallets, was carried out by exploiting a CoinStats employee. In response, CoinStats temporarily suspended its services on June 22 after detecting the attack. Thanks to a swift and proactive response, the hacker was only able to access 1.3% of all CoinStats wallets, resulting in a loss of $2 million.
Narek Gevorgyan, the CEO of CoinStats, disclosed the findings of an internal investigation on June 26. The investigation revealed that the hack was executed using social engineering, a commonly employed tactic by hackers to manipulate or deceive victims in order to gain control over computer systems.
CoinStats has since shut down its website while it addresses the security issue. Gevorgyan’s message did not explicitly mention refunds for the affected users, but the company intends to provide a detailed plan of action after conducting a thorough analysis of the situation.
Some community members have reported even higher losses due to the breach. For example, Blurr.eth allegedly lost 3,657 Maker (MKR) tokens, valued at around $8.7 million.
CoinStats has not yet acknowledged these claims, but security breaches have become a growing concern for crypto service providers. Another recent incident occurred on June 5 when CoinGecko, a cryptocurrency data aggregator, experienced a data breach through its third-party email management platform, GetResponse. Similar to the CoinStats hack, the breach at CoinGecko was a result of a compromised employee account. The compromised data included users’ names, email addresses, IP addresses, location of email opens, and other metadata.
In other news, Conor Daly, the driver representing Polkadot at the Indy 500, shared that his father holds DOT tokens, adding an interesting personal connection to his involvement in the race.