Coindesk Logo

BlockFi Says Hacker SIM-Swapped Employee's Phone, No Funds Were Lost

BlockFi Says Hacker SIM-Swapped Employee's Phone, No Funds Were Lost

BlockFi Says Hacker SIM-Swapped Employee's Phone, No Funds Were Lost

The hacker compromised an employee's phone and gained access to users' personal information, including their names and addresses, but BlockFi says no funds were affected.

The hacker compromised an employee's phone and gained access to users' personal information, including their names and addresses, but BlockFi says no funds were affected.

The hacker compromised an employee's phone and gained access to users' personal information, including their names and addresses, but BlockFi says no funds were affected.

AccessTimeIconMay 19, 2020, 2:11 PM
Updated Aug 19, 2021, 2:08 AM

Presented By Icon

Election 2024 coverage presented by

Stand with crypto

BlockFi said an attacker got hold of users' data by compromising an employee's phone and taking control of the person's phone number through a SIM swap attack.

The New York-based crypto lending platform announced in a memo to users on Tuesday that a hacker – whose identity remains unknown – gained access to some of its retail marketing systems for just over an hour early on May 14.

"On May 14, there was a data incident at BlockFi that exposed certain client account information for a brief period of time. While no information was accessed that would enable the intruder to access your account or your funds, we believe it is in the interest of transparency to share the following details with you, and all of our other clients who were potentially affected," reads the memo, which was shared with CoinDesk.

BlockFi said the hacker accessed confidential data, such as names, dates of birth, postal addresses and activity histories. Other sensitive account information including bank account details, social security and tax identification numbers, passport and driver's license numbers and photo scans, were not affected in the data breach, the company said.

User funds were also not affected.

In an incident report, also published Tuesday, BlockFi said the hacker had accessed through an employee's phone. By tricking the mobile phone operator into activating the employee's phone number on another device, the hacker was able to access some parts of the company's internal systems.

"A BlockFi employee’s phone number was breached and utilized by an unauthorized third party to access a portion of BlockFi’s encrypted back-office system," the incident report reads. "The unauthorized third party was able to access BlockFi client information typically used by BlockFi for retail marketing purposes throughout the duration of this incident."

The report adds the hacker tried, unsuccessfully, to make withdrawals of user funds, before BlockFi was finally able to remove them from the internal system.

In a statement, a BlockFi spokesperson said: "A sole intruder gained minimal access for a short period of time to select internal marketing systems. The BlockFi team immediately mitigated the impact of the breach through a number of standing policies and safeguards in place to protect client assets and data."

"The issue has since been resolved and BlockFi’s products and services are fully operational and secure," the spokesperson added.

The spokesperson did not specify which mobile network the employee used.

Disclosure

Please note that our privacy policy, terms of use, cookies, and do not sell my personal information have been updated.

CoinDesk is an award-winning media outlet that covers the cryptocurrency industry. Its journalists abide by a strict set of editorial policies. CoinDesk has adopted a set of principles aimed at ensuring the integrity, editorial independence and freedom from bias of its publications. CoinDesk is part of the Bullish group, which owns and invests in digital asset businesses and digital assets. CoinDesk employees, including journalists, may receive Bullish group equity-based compensation. Bullish was incubated by technology investor Block.one.


Learn more about Consensus 2024, CoinDesk's longest-running and most influential event that brings together all sides of crypto, blockchain and Web3. Head to consensus.coindesk.com to register and buy your pass now.