ConsenSys reveals details of incident involving a third-party service provider

A third-party service provider delivering ConsenSys customer-support services became ‘the subject of a cybersecurity incident’, as говорится in the company’s blog.

The team said that unauthorized parties gained access to the provider’s systems. As a result, the incident affected users who provided personal data to the support team between 1 August 2021 and 10 February 2023.

“It is important to note that this incident did not affect the MetaMask browser extension or the security of the mobile app. Wallet users were not harmed if they did not provide personal information to the MetaMask customer-support system,” the statement said.

ConsenSys representatives noted that in such cases clients are asked for limited data, such as an email address. The company estimates the incident affected around 7,000 people.

According to the statement, there is currently no ongoing threat. ConsenSys has handed over all information to regulators and engaged specialists to investigate the incident.

Back in January 2023, MetaMask developers, in collaboration with the HAPI project implemented in a test environment the wallet’s ability to check for risks in smart contracts, tokens and addresses.