Popular Bitcoin services and platforms have become a favorable target for hackers and other internet criminals. Most of these companies attract a large audience, and there is plenty of money to go around. Bitcoin makes it easy to transfer funds from one party to another, and hackers want to get their share of the pie in the process. Gyft has recently started informing its customers of a security incident.
Third-party Provider Breach Affects Gyft Users
Gyft is a very popular digital gift card service where Bitcoin users can spend the popular digital currency and shop at their preferred locations. However, Gyft relies on several third-party services to provide their business to customers around the clock, and two of the company’s cloud providers have been accessed by an unauthorized party.
These events took place between October 3 and December 18 of last year, and individual Gyft user information may have been downloaded by the assailants. This incident came to the attention of the gift card provider, who started a thorough investigation to make sure consumer credentials were safe from harm and not misused in any way.
Based on the information provided to us at the time of publication, no Gyft accounts have been compromised during this breach, and no unauthorized payments have been made. This is one of the significant advantages Bitcoin holds over other payment methods, as every transaction needs to be signed by the wallet address owner through a private key. There is no database containing this type of information, making fraudulent purchases all but impossible.
That being said, Gyft accounts are linked to Coinbase, allowing users to make quick and convenient Bitcoin purchases. All users are advised to check their Coinbase history and make sure none of their funds have been spent on transactions they did not approve. Should they come across such purchases, the incident needs to be reported immediately to both Coinbase and Gyft.
Among the Gyft user details which may have been exposed are full names, addresses, email addresses, and gift card numbers. No credit card information is saved on any of Gyft’s servers, as the company hides these numbers in the account sector of every user. Furthermore, the CVV2 code required for every credit card purchase is not stored anywhere and needs to be entered manually by the cardholder for every transaction.
All Gyft users who may have been affected by this breach have been informed by the company and received an email to reset their passwords. For those users who have not followed these steps yet, they will be prompted to create a new password during their next login session on the platform.
Source: Business Wire
If you liked this article follow us on Twitter @themerklenews and make sure to subscribe to our newsletter to receive the latest bitcoin and altcoin price analysis and the latest cryptocurrency news.