Search Inside Bitcoins

Another GateHub Security Breach Exposes Millions of Users’ Personal Security Details 

Don’t invest unless prepared to lose all the money you invest. This is a high-risk investment, you shouldn’t expect to be protected if something goes wrong.


Join Our Telegram channel to stay up to date on breaking news coverage

GateHub, a popular cryptocurrency wallet provider and asset custodian, has been hit by a hack that exposed the personal data of millions of customers. According to a report from tech news medium ARS Technica, Troy Hunt, the security researcher who helped develop popular cybersecurity index site “Have I Been Pwned,” claimed that EpicBot, a bot provider that serves both GateHub and online game RuneScape, had been hacked, with the personal details of about 2.2 million users on the platform dumped on a popular hacker site back in August. 

A Treasure Trove of Information 

Per the news medium, Hunt confirmed that the entire attack was split into two; the first one, which led to the details of 1.4 million people being leaked, and a second one that contained data of about 800,000 other user accounts. ARS Technica estimated that the entire loot contained about 3.7 GB worth of information, with data sets including Email addresses, passwords, wallet hashes, two-factor authentication keys, and mnemonic phrases. 

However, a further investigation from GateHub saw officials deny the claims that wallet hashes were part of the loot. As the officials noted, the absence of wallet hashes means that while personal data of millions of customers were compromised, no private keys were exposed directly. 

Hackers Hit GateHub in June 

This isn’t the first time that GateHub will be suffering a security breach this year. On June 6, the company published an announcement where it stated that hackers were able to break into about 100 XRP Ledger wallets.  

In the statement, the company claimed that it was notified by some of its customers that some of their funds had been stolen. While it was unable to identify any suspicious activity on its platform immediately, it investigated the complaints nonetheless, and found that a few IP addresses had been making an application programming interface (API) calls. The company further predicted that this was where the hackers were able to gain access to encrypted access keys. 

At the time, Thomas Silkjær, one of the people who warned the company about the breach, revealed in a separate report that an account managed through had stolen hundreds of thousands of XRP tokens from several other accounts. 

He went on to state that as of June 5, approximately 23,200,000 XRP (about $9.5 million at the time) had been stolen from between 80 and 90 victims, adding that about 13,100,000 XRP ($5.37 million) had already been laundered across several other exchanges and cryptocurrency tumblers. 

Join Our Telegram channel to stay up to date on breaking news coverage

Read next