Nansen blockchain analytics reports data breach caused by third-party

published: Sept. 22, 2023

Learn More

Nansen, a blockchain analytics platform that provides insights and data analysis for various blockchain networks has revealed a security breach and urged its users to change their passwords.

The CEO of Nansen, detailed the incident which happened on September 20. A third-party vendor, widely utilized by Fortune 500 companies, experienced a security breach. The intruder successfully gained access to the administrative rights of a Nansen account responsible for facilitating customer access to the platform.

Fortunately, Nansen detected the unauthorized access and initiated an investigation, preventing any further intrusion. They assured their users that wallet funds remained unaffected by this breach.

The breach, occurring through an unnamed third-party vendor, affected approximately 6.8% of Nansen's user base, leading to exposure of

  • email addresses,
  • password hashes,
  • blockchain data.

No details about the number of affected individuals nor the nature of the breach are available.

Nansen has called on the unnamed third party to publicly disclose details about the breach. Additionally, they issued a caution to users, advising them to exercise vigilance regarding any emails purporting to be from the company, particularly during this period, to guard against potential phishing attacks.

Update - as of end of November, users of Nansen are being targeted by phishing emails following the data breach. The phishing attempts promise a fake "Nansen Airdrop" and direct recipients to a fraudulent website. Reports indicate that scammers might be using email addresses from a networkforgood.com domain. Nansen has not yet publicly addressed this specific phishing incident.

Nansen blockchain analytics reports data breach caused by third-party