TechFlow news — Nansen has announced via Twitter that a security breach occurred due to a vulnerability in a third-party vendor, resulting in the compromise of some user data. The system was breached on September 20.
According to preliminary investigations, 6.8% of Nansen users were affected. The email addresses of these users were exposed, and password hashes were leaked for a small subset of users. Additionally, blockchain addresses were exposed for certain user groups.
As a precautionary measure, Nansen has sent password reset requests to affected users between 1:00 AM and 5:00 AM Beijing time on September 22 from [email protected].
Nansen emphasized that users' wallet funds are safe, as Nansen never asks for private keys. However, malicious actors might attempt brute-force attacks on accounts using the leaked email addresses and passwords. Users should remain vigilant against phishing attempts and carefully verify the sender of any communication claiming to be from Nansen.
The vendor involved is an established company used by many Fortune 500 companies and other firms in the cryptocurrency industry to manage customer data.





