Consensys, a blockchain software firm, has revealed that the personal data of thousands of MetaMask users who had contacted customer support over an 18-month period was breached.

According to the company, an estimated 7,000 individuals had their private information compromised between August 2021 and February 2023.

The information breached includes email addresses and limited personal information needed to identify customers for support needs. It is important to note that MetaMask’s browser extension and mobile app users were not impacted by the breach.

Consensys disclosed that the fraudsters gained access to a third-party service provider that MetaMask uses to create customer support tickets, which is how the personal data was seized.

The company has stopped the unauthorized access and assures its users that the threat is no longer ongoing. However, affected users may be targeted in future phishing scams, and Consensys has urged customers to be vigilant for any suspicious activity and unsolicited contacts.

This incident is coming at a time when users report a rise in crypto-related phishing attempts and schemes. Data from cybersecurity firm Kaspersky Lab shows a 40% increase in phishing attacks in 2022 year-over-year.

Consensys has reported the security breach to the Data Protection Commission of Ireland and the Information Commissioner’s Office in the UK.

Tags