Shakepay, the Canadian cryptocurrency application, recently reported a security incident where unauthorized individuals accessed personal data of a limited number of users. This breach, detected on December 13, 2023, involved personal information but did not compromise any banking details, cryptocurrency wallets, or user login credentials.
Shakepay Responds to Security Breach, Provides Complimentary Credit Monitoring for Affected Users
The breach at Shakepay, known for its zero-commission trading of bitcoin (BTC) and ethereum (ETH), was discovered after noticing irregular activities on an employee’s device. The company’s security team immediately took action, isolating and removing the affected device from their network as per their emergency response procedures to contain the breach.
Further investigation by Shakepay indicated that the breach, active from March to December 2023, led to unauthorized access to personal information of a specific segment of their clientele. Information potentially compromised includes customer names, email addresses, physical addresses, dates of birth, phone numbers, job titles, trusted contacts, account balances, and transaction records. This incident underscores the challenges faced by digital currency services in protecting user data.
Users expressed their concerns on social media. One user commented on X (previously known as Twitter) following Shakepay’s announcement, “You can’t secure data completely. It doesn’t matter how reputable the company is, there’s always a vulnerability through human error. KYC data equals inevitable data theft. Also, a breach from March to December indicates poor operational security.” Another user stated:
This means you’ve exposed the personal details of users who trusted your service.
Post-incident, Shakepay advised its users to stay alert for fraudulent activities. The company recommends strengthening account security, such as enabling two-factor authentication, being wary of unusual communications, and updating passwords. Shakepay stresses the importance of accessing accounts exclusively through official channels and using robust, unique passwords.
In an effort to assist those impacted, Shakepay has introduced additional security measures and is offering two years of complimentary credit monitoring to counteract potential identity theft risks. The company has also set up a specific email for those affected and is working with law enforcement and regulatory bodies to investigate the breach and avert future incidents.
Shakepay’s statement emphasized, “Gaining and maintaining your trust is paramount for us. We assure you that safeguarding your funds and personal information is our utmost priority. We remain vigilant, continuously monitoring the situation, and are committed to utilizing all available resources to protect your data and counteract malicious entities.”
What are your views on the Shakepay data breach? We welcome your thoughts and opinions on this matter in the comments section below.
Frequently Asked Questions (FAQs) about Shakepay Data Breach
What was the nature of the Shakepay data breach?
The breach involved unauthorized access to personal information of a select group of Shakepay customers. However, it did not compromise bank accounts, crypto wallets, or customer credentials.
How did Shakepay respond to the security breach?
Shakepay’s security team isolated and removed the compromised device from their network, offered free credit monitoring to affected users, advised customers on security measures, and engaged with law enforcement and regulatory authorities for further investigation.
What type of information was compromised in the Shakepay breach?
The breach potentially exposed personal details such as names, emails, addresses, birth dates, phone numbers, occupations, trusted contacts, account balances, and transaction history of a small segment of customers.
How long was the Shakepay breach active?
The breach was active between March and December 2023 before it was detected and addressed.
What security advice did Shakepay offer to its customers following the breach?
Shakepay advised customers to upgrade to stronger security methods like two-factor authentication, be cautious of suspicious communications, change passwords, and use only official channels for logging in.
Is Shakepay taking any steps to prevent future incidents?
Yes, Shakepay has implemented additional security measures and is offering free credit monitoring for two years to affected customers. They are also collaborating with law enforcement to investigate the breach and prevent future incidents.
More about Shakepay Data Breach
- Shakepay Official Announcement
- Guide to Securing Your Crypto Wallet
- Understanding Data Breaches in the Cryptocurrency Industry
- Best Practices for Digital Currency Security
- Reporting Cybersecurity Incidents: A User’s Guide