BleepingComputer reports that cryptocurrency trading platform 3Commas has been impacted by a massive API key leak, with an anonymous Twitter user exposing 10% of the 100,000 API keys it claims to have stolen from the platform.
3Commas has confirmed that valid API keys have been shared by the Twitter user and urged Coinbase, Binance, Kucoin, and other supported exchanges to revoke 3Commas-linked keys. Meanwhile, users have been called to reissue keys on linked exchanges.
"Only a small number of technical employees had access to the infrastructure, and we have taken steps since Nov. 19 to remove their access. Since then, we have implemented new security measures, and we will not stop there; we are launching a full investigation in which law enforcement will be involved," said 3Commas.
Prior to the confirmation, 3Commas has denied being impacted by a breach despite reports of unauthorized transactions in the platform in October and reports of nearly $6 million in cryptocurrency losses among account holders last month.
Change Healthcare attack linked to state-backed threat actors Major U.S. healthcare revenue and payment cycle management provider Change Healthcare was noted by its parent firm UnitedHealth Group to have been targeted by suspected state-sponsored threat actors in a cyberattack on Feb. 20, TechCrunch reports.