Huobi Crypto Exchange Faces Major Data Breach & Credential Leak

White hat Aaron Phillips exposed a major data breach at Huobi, one of the world’s largest cryptocurrency exchanges, that occurred in 2021. The leak involved nearly all over-the-counter (OTC) transaction information from 2017 to 2021, including some user and VIP user data and the exchange’s technical infrastructure.

According to Huobi’s response, the incident was caused by improper operations by personnel on an S3 bucket in the test environment of the Japanese site on June 22, 2021.

However, the relevant user information was only isolated on October 8, 2022, after the white hat team discovered the breach. The exchange security team promptly acted on June 21, 2023, closing relevant file access permissions and fixing the vulnerability. 

They gave assurances that all relevant user information had been deleted and expressed gratitude to the white hat team for its contributions to Huobi’s security.

The Scope of the Huobi Data Leak

However, Aaron Phillips’ in-depth analysis sheds light on the severity of the breach and its potential consequences. The exchange had inadvertently shared a set of credentials granting write privileges to all of their Amazon Web Services (AWS) S3 buckets. 

These credentials provided full access to the company’s cloud storage, including CDNs and Huobi’s websites. The breach exposed the company’s user data and internal documents, and attackers could potentially have executed the largest crypto theft in history.

Huobi handles over a billion dollars in daily trading volume, making its users vulnerable to massive losses if the breach had been exploited.

Fortunately, Aaron Phillips discovered the leak and reported it to Huobi, prompting them to take immediate action to secure their data. He found that the leaked credentials were active for about two years, providing attackers ample time to exploit the situation if they had discovered it earlier.

The implications of the breach were dire, as attackers could have compromised CDNs and websites, injecting malicious scripts into Huobi’s systems and impacting every user who logged into their website or app.

Moreover, the leak revealed confidential reports containing user information, particularly about wealthy users known as “crypto whales.” Huobi had ranked these users based on their ability to influence market movements, further jeopardizing their privacy.

Additionally, Huobi’s over-the-counter trading database was exposed, potentially affecting millions of transactions since 2017. OTC trading is valued for its privacy, making this breach a significant privacy violation for affected traders.

In a fortunate turn of events, the white hat team’s timely intervention and Huobi’s swift response mitigated the damage. However, this incident serves as a stark reminder of the importance of robust cybersecurity practices for cryptocurrency exchanges and companies handling sensitive user data. 
