The Swedish cryptocurrency exchange QuickBit was hit with a data breach affecting about 2 percent of its customer base through an unprotected MongoDB.
Published reports put the number of accounts exposed at 300,000 with QuickBit stating the data involved was left unprotected while it was being migrated to a safer environment with names, addresses, e-mail addresses and incomplete payment card information being involved. The company noted that no passwords, Social Security Numbers were exposed nor any cryptocurrency keys or financial transactions affected.
“QuickBit has recently adopted a third-party system for supplementary security screening of customers. In connection with the delivery of this system, it has been on a server that has been visible outside QuickBits firewall for a few days, and thus accessible to the person who has the right tools,” the company said in a translated statement.
Once discovered the database was taken offline and Quickbit said none of the information involved could be used to harm customers or the corporation.
Cryptocurrency exchanges have been victimized repeatedly over the last year with six Europeans being arrested in June for running a typosquatting scam that netted $27.3 million in cryptocurrency. In September 2018 the Japanese exchange Tech Bureau’s Zaif was hit losing $60 million.