Dutch Bitcoin Broker Litebit Suffers Second Data Breach in Six Weeks

It is never good to see Bitcoin exchanges or brokers suffer a hack. Although not all of these incidents involve stolen money, it is still a worrisome development from a security vantage point. Litebit.eu, a Dutch cryptocurrency broker, has suffered two separate incidents over the past few months. It remains to be seen how this will affect the company’s reputation moving forward.

Litebit Hacks are Rather Worrisome

Most European cryptocurrency enthusiasts have come across the Litebit.eu platform at some point. The company has quickly made a name for itself as one of the more prominent cryptocurrency brokers in the European market. It provides users with a convenient way to buy most major currencies with convenient payment methods, including instant bank transfers, among others.

Unfortunately, the company is often targeted by hackers, and it seems some of those efforts have been pretty successful in recent months. Litebit’s latest hack comes in the form of a data breach which affects a lot of users. Considering how the company is one of the biggest brokers in the Netherlands, it has massive databases filled with personal information on users. This information includes payment methods used, addresses, phone numbers, and more.

During the September 12th attack, hackers gained access to Litebit’s backend and obtained email addresses, hashed passwords, and IBAN information, among other things. No money was stolen in the process, though, which is a positive sign. Moreover, the breach itself has been reported to the Dutch police and the local Data Protection Authority as well. It is unclear how much progress has been made in finding the actual culprits, though, but we will hopefully learn more about this investigation over the coming weeks.

Unfortunately, a similar incident occurred last month. It seems this involved the same type of theft, as customer accounts may have been affected during the incident. According to Bitcointalk, the company has disclosed that it was “potentially” breached, although no funds were stolen at that time. It is good to see the company be rather open about these events, although many people will not be too pleased about two breaches transpiring in quick succession.

As is always the case with such incidents, the company advises users to change their passwords and even reset their 2FA settings. Everyone in the world of cryptocurrency needs to use 2FA wherever possible, as plenty of services are affected by small and large data breaches at some point. In most cases, they are due to third-party service providers exposing information, rather than the company itself doing so.

The bigger question is how Litebit will move on from here. Two breaches in just over a month is not acceptable by any means. However, it seems both incidents have had something to do with the company’s “supplier” rather than the company itself. While no wallets were affected twice in a row, it remains to be seen if the company remains so “lucky” in this regard. Cybercriminals are targeting centralized cryptocurrency services. This trend will only grow worse over time, unfortunately.