MetaMask Suffers Data Breach: Customer Details Compromised for 18 Months

MetaMask: 18 months access to customer data after attack on ticket system

Crypto Wallet MetaMask Affected by Cybersecurity Incident

A cybersecurity incident has recently occurred at MetaMask, a popular Ethereum wallet. However, the security breach only affected the third-party customer support service that dealt with customer data. MetaMask’s browser extension and mobile app were entirely safe.

Limitations to the Breach

The incident took place over 18 months between August 2021 and February 2023, which means only those who contacted customer support during that time were potentially impacted. The data obtained included personal data like email addresses, but some customers may have voluntarily provided additional information pertaining to their assets, such as names, dates of birth, and phone numbers.

MetaMask-Investigations and Measures Taken

Since the extent of affected customers is unclear due to limited data, ConsenSys has informed about 7,000 users that were connected to the provider’s help desk. Measures have been taken to increase security for MetaMask in the future, and IT security and forensic teams have investigated the incident. The Irish and British data protection authorities have also been notified.

Remaining Questions

It’s unclear why the issue was only reported in August 2021 and fixed in February 2023, leading to remaining concerns. Regardless, the affected parties have received a notification and are advised to be vigilant, especially with unsolicited email, phone, or SMS communications. If they suspect any, they should report it to the company.

Leave a Reply