Dear GateHub Customers,
Our Security Team has concluded an extensive forensic investigation into the recent cyber attack on GateHub. We have identified the accounts that were targeted in this attack and the information that was compromised.
As previously suggested in our investigation update, we believe the perpetrator gained unauthorized access to a database holding valid access tokens of our customers. Using these tokens the perpetrator accessed 18,473 encrypted customer accounts, a very small fraction of our total user base. On affected accounts, the following data was being targeted: email addresses, hashed passwords, hashed recovery keys, encrypted XRP ledger wallets secret keys (non-deleted wallets only), first names (if provided), last names (if provided).
We found no evidence that other information (such as phone numbers or ID documents) was compromised. All affected customers were notified about the unauthorized access and provided a list of data that the perpetrator was able to retrieve from their account. Those who were not affected – the vast majority of our customers – also received a notification stating that our Security Team found no evidence of unauthorized access.
After the suspicious API calls were detected, we immediately disabled all access tokens which successfully blocked the perpetrator from gaining access to more accounts.
Due to an increased number of cyber attacks on crypto exchanges in the recent months, we have decided to take additional steps to safeguard GateHub accounts. As a precaution, we are generating new encryption keys and re-encrypting all sensitive information such as XRP ledger wallets secret keys on all accounts upon next sign-in. Behind the scenes, we are taking other precautions as well.
We will continue to work closely with law enforcement agencies from different jurisdictions to identify the criminal hackers responsible for this theft. We are in contact with more than a dozen exchanges and wallet providers to freeze the stolen funds before they are cashed out.
Once these legal procedures are completed we will know the exact amount of funds that our customers will be able to retrieve. Until then we kindly ask our customers to remain patient and report any suspected losses to their local law enforcement agencies in case they haven’t done so already.