Nansen: Third-party vendor attack leads to partial user data breach, affected users have been notified via email to reset their passwords

ChainCatcher message, Nansen stated on its social platform that on September 20, it was attacked due to a vulnerability in a third-party vendor, resulting in a data leak of some Nansen users. Nansen has promptly organized unauthorized access and immediately launched an investigation. According to preliminary investigations, 6.8% of Nansen users were affected, with their email addresses leaked, and a small portion of users had their password hashes leaked. Additionally, on-chain addresses of some groups were also leaked.

As a security precaution, Nansen has requested affected users to reset their passwords via the email [email protected] between 5 PM and 9 PM (UTC time) on September 21.