This incident underscores the persistent challenges of ensuring data security in centralized storage systems.
Blockchain identity platform Fractal ID has revealed details of a data breach that occurred on July 14, 2024, tracing it back to a compromised password from 2022.
Fractal ID reported that the breach involved an account belonging to an operator who had been with the platform for three years and possessed admin rights. The attacker exploited this access to bypass internal data privacy systems. However, system monitoring quickly detected the breach and locked out the attacker within 29 minutes.
Root Cause of the Breach
The breach was facilitated by the operator’s failure to adhere to operational security policies and training, specifically the reuse of credentials from past hacks.
On July 14, Fractal ID detected unusual activity in one of its back offices. This activity was soon identified as a malicious attack, leading to the exfiltration of data for approximately 0.5% of its user base.
In response, Fractal ID immediately disabled all accounts in the compromised system and restricted access to senior employees. The company is also enhancing its security measures to prevent future incidents, including implementing request throttling, finer-grained authorization, tighter monitoring of failed authentication attempts, and stricter IP control.
Summary Review: The Fractal ID breach highlights the importance of stringent security practices and continuous vigilance to protect sensitive data in centralized systems.
Disclaimer: Remember that nothing in this article and everything under the responsibility of Web30 News should be interpreted as financial advice. The information provided is for entertainment and educational purposes only. Investing in cryptocurrency involves inherent risks and potential investors should be aware that capital is at risk and returns are never guaranteed. It is imperative that you conduct thorough research and consult with a qualified financial advisor before making any investment decision.