[2019-07-25] Crypto Lending Platform YouHodler Exposes Millions of Privacy Recor

[Jgilpulg]

Users’ full names, addresses, and bank details such as account number and SWIFT code were exposed. In some cases, records containing crypto wallet addresses were also exposed.

https://bitcoinist.com/crypto-lending-platform-youhodler-exposes-millions-of-privacy-records/

[1715232198]

1715232198

[CryptoBry]

This is a serious data breach suffered by this company and this exposed many users to data thievery and illegal use of the same for whatever purpose. This and more is some of the  many inherent weaknesses and risks that we are all undergoing whenever we are using a centralized platform. And unfortunately, this is not the first nor will be the last. Soon we can be hearing of even bigger and more widespread data breach exposing identification and details of millions of people. As of now, there is no solid solution that can tackle this threat as hackers are always two steps ahead of technologies they can utilize.

[Kemarit]

Damn, this is really damaging for the crypto industry specially for the YouHodler members. This is a serious breach and I don't understand how they didn't protect their customers data. I would say that they are incompetent, you are in the business that involves likes of accounts and huge amount of money, how can you not hire security expects in the beginning so that this kind of exposure won't happen?

As per article:

After vpnMentor contacted YouHodler on July 22, 2019, YouHodler reportedly closed the breach the following day.

So I do hope this time, it is really updated, I wonder though if hackers was able to get the data before  Noam Rotem and Ran Locar discover it.

[Lucius]

This breach is revealed quite accidentally when some data scientists are doing web-mapping project, and who knows how long it has existed. What is important in this story is that all users consider all their data compromised, particularly credit cards, e-mails, phone numbers. This need to be changed ASAP, because this company is store all data in plain text, which is completely crazy and incredibly stupid.

If I was their user, I would close my account instantly and never think to use them again - this is the way amateurs work.

[buwaytress]

This breach is revealed quite accidentally when some data scientists are doing web-mapping project, and who knows how long it has existed. What is important in this story is that all users consider all their data compromised, particularly credit cards, e-mails, phone numbers. This need to be changed ASAP, because this company is store all data in plain text, which is completely crazy and incredibly stupid.

If I was their user, I would close my account instantly and never think to use them again - this is the way amateurs work.

What's shocking is that none of this is shocking to me anymore. I think when Mt Gox happened and people finally understood how it was possible that it could happen, that might have been the reality people weren't prepared for: that people running these crypto businesses were completely unprofessional.

You'd think things have changed over the years, and they have. The great crypto winter weeded out projects that weren't managed well, but the few sectors of industry that continues to display such callous attitudes from the owners are exchanges, custodial services and lending platforms.

What makes it that these people get more and more money, and data, and become more and more reckless with how they store it?

[roosbit]

-snip-

What's shocking is that none of this is shocking to me anymore. I think when Mt Gox happened and people finally understood how it was possible that it could happen, that might have been the reality people weren't prepared for: that people running these crypto businesses were completely unprofessional.

You'd think things have changed over the years, and they have. The great crypto winter weeded out projects that weren't managed well, but the few sectors of industry that continues to display such callous attitudes from the owners are exchanges, custodial services and lending platforms.

What makes it that these people get more and more money, and data, and become more and more reckless with how they store it?

I guess they never learn!

If professionalism is what's lacking then people equipped with the skills to handle the ever growing numbers should be employed, people who understand the crypto ecosystem and know the consequences of not handling this data properly.

And am curious how did data scientists find themselves in such a  position of exposing private data.

[1Referee]

If I was their user, I would close my account instantly and never think to use them again - this is the way amateurs work.

I personally would never sign up to a service called YouHodler. It's no longer coincidence that a service having a shitty name usually means that the people behind the service are not professional and not competent enough.

The problem with people is that the few satoshis they think to make have more priority than their security and privacy. People act shocked and think it's bad that it happened, but a minute later they continue gambling on garbage exchanges and send their data to an ICO project so that they are allowed to participate.