Hacking is the biggest problem for tech-savvy people who are present in the crypto sector, with many having to content with finding their info on the dark web after a hack. Now 2.2 million users of GateHub and EpicBot have being thrown into an uncertain state after security expert Troy Hunt just confirmed their data was dumped on the dark web.
According to Troy Hunt, there are two batches of different data sets with the one from EpicBot RuneScape bot provider containing data for 800,000 users. However, for GateHub, things were worse with data belonging to 1.1 million account holders finding its way online. Although rumors of the hack led to GateHub coming out to try and control the situation, per Hunt’s detailed description, hackers did more damage than info conveyed by GateHub security experts.
GateHub Response to the hack sometime back
In a bid to protect its users, GateHub released a statement saying its cryptocurrency services were hacked with the hackers stealing or trying to steal personal data from 18, 473 accounts. Furthermore, according to their investigations, the hackers were after first/last names, encrypted XRP ledger wallets secret keys (non-deleted wallets only), hashed recovery keys, hashed passwords, and email addresses.
The above ended with GateHub claiming it reached out to users of affected accounts and also strengthened security measures in place. However, Hunt’s report paints a grim picture of what happened with him divulging more than what came out of GateHub investigations.
In total, the hacker got hold of 3.72 GB of data belonging to GateHub with the latter containing wallet hashes, which GateHub said hackers didn’t get their hands on. However, besides wallet hashed, the data also had mnemonic phrases and two-factor authentication keys. On the other hand, for EpicBot, its data batch had IP addresses of users together with their usernames.
To confirm the data sets on the dark web were indeed from the two sites, Hunt did a thorough check on selected email addresses with results confirming his theory. However, if his tests aren’t enough, a tweet from a user to Hunt cements his theory of the hack. The user reached out to Hunt, informing him about a notification from Experian Id informing him about his details being dumped on the dark web.
Although Hunt did his best to shed more light on the hack, he also advised users to change passwords belonging to their accounts associated with the two sites and to be extra careful.