MetaMask has announced that a customer service incident has affected users who submitted a ticket between August 1, 2021 and February 10, 2023.
MetaMask users’ email addresses may have been exposed to a malicious entity following a cyber-security incident that was recently discovered. ConsenSys, the parent company of MetaMask, has reported that users who submitted a customer support query to MetaMask between August 1, 2021 and February 10, 2023, were affected by an incident.
Hackers accessed customer support tickets
In breaking news, it has been reported that unidentified people have breached a third party’s computer system, which is utilized for customer service requests. This security breach may have allowed the perpetrators to access customer support tickets submitted by users of MetaMask. The details were revealed in a blog post that was published on April 14.
In recent news, it has been reported that certain petitions were filed without any additional information beyond what was necessary to aid the user. This included the provision of an email address to enable prompt responses. The platform provided a “free text-field” option, which some users utilized to share their personal identification details. According to a recent post, the information that could have been included is “economic or financial information, name, surname, date of birth, phone number, and postal address.”
Consensys has made it clear that it does not ask for personally identifying information from its customers during conversations. However, some customers may have still provided such information.
Up to 7,000 MetaMask users may have been compromised, according to the company’s estimates, after submitting customer support inquiries.
Keystone, a hardware wallet provider, has issued a warning to MetaMask users following an incident. The company has cautioned that users may receive an increased number of phishing emails as a result of the incident. Keystone believes that the perpetrator may use the stolen email database to target potential victims.
Experts are warning about the dangers of phishing attacks. These attacks are designed to trick unsuspecting users into revealing confidential information, putting their personal and financial security at risk. Cyber criminals often use a tactic known as phishing to deceive their victims. This involves sending an email to the victim that appears to be from a trusted source or a person known to the victim.
Consensys has announced that it has implemented measures to prevent any future unauthorized access. Incident has no impact on tickets submitted after February 10. Intrusion has been reported by them to the Data Protection Commission of Ireland and the Information Commissioner’s Office of the United Kingdom. The company’s third-party customer service provider is working with a team of cyber-security and forensics experts to conduct a thorough investigation into the incident.
MetaMask faced criticism from privacy advocates in late 2022 following the disclosure that it logged users’ IP addresses on occasion. In March, the company released an updated program that allows users to have more control over which providers can access their information.
Content Source: twitter.com/KeystoneWallet/status/1646915915555147776?s=20