According to a security researcher from “Have I Been Pwned”, the passwords and personal information of over 2 million users of two known websites have been dumped online for the world to see. Due to a security breach, GateHub and RuneScape bot provider EpicBot have fallen victim to hackers, compromising the data of thousands of accounts.
As detailed by Troy Hunt, a security researcher for Ars Technica, the personal information of 1.4 million user accounts from the GateHub cryptocurrency wallet has been compromised. Additionally, 800,000 user accounts from RuneScape bot provider EpicBot were also compromised. The stolen information seems to include email addresses, passwords, two-factor authentication keys, mnemonic phrases and wallet hashes.
Just months ago, hackers were able to hack their way into 100 of GateHub’s XRP Ledger wallets, resulting in over $10 million worth of crypto stolen. GateHub has also warned its users about phishing campaigns that were targeting users of its cryptocurrency wallet. In these malicious campaigns, GateHub’s wallet users received mysterious emails from addresses that appeared to come from the company, such as @gatehub.com and @gatehub.net.
According to GateHub, the wallet hashes were not accessed. Officials from GateHub commented on the events saying:
“As previously suggested in our investigation update, we believe the perpetrator gained unauthorized access to a database holding valid access tokens of our customers. Using these tokens the perpetrator accessed 18,473 encrypted customer accounts, a very small fraction of our total user base. On affected accounts, the following data was being targeted: email addresses, hashed passwords, hashed recovery keys, encrypted XRP ledger wallets secret keys (non-deleted wallets only), first names (if provided), last names (if provided).”
The posting of the database on the dark web means that the aforementioned breach disclosed in July was much bigger than previously thought. The hackers obtained all sorts of sensitive data from millions of users, not just the 18,473 mentioned in the disclosure.
It looks like hackers are getting more creative, resulting in millions of dollars lost. Despite the best security efforts from some of these companies, hackers still find a way to exploit the bugs or errors, breaking into systems and stealing sensitive information from users.
All users of both websites should immediately change their passwords and stay alert for any phishing campaigns that could be going on at the moment.