An unsecured MongoDB database owned by QuickBit was left exposed and compromised information of approximately 2% of their customers. The Sweden-based cryptocurrency exchange said that it hired a third-party company to assist them with security screening for its customers, which left the server open and exposed customer records. Once this database was discovered, QuickBit technicians quickly closed the database and installed firewalls to protect their clients. The exposed information included customer names, addresses, email addresses, and credit card information. QuickBit stated that no passwords, SSN’s or cryptocurrency keys were exposed. Researchers also found another 143 internal credentials that included secret keys, names, passwords, secret phrases, user ID’s and other internal information. QuickBit stated in a press release, “Data security is of utmost importance for QuickBit.” QuickBit has notified affected clients of the security breach.
Analyst Notes
Clients that were affected by the breach are recommended to change their password to an increasingly-complex password, change their appropriate passphrases so that information is different from the exposed information.
