Cryptocurrency portfolio manager CoinStats recently experienced a security breach, affecting 1,590 crypto wallets. The company has reassured users that the breach has been mitigated and they are working to resolve the situation.
Immediate Response and Mitigation
In a June 22 X post, CoinStats announced the temporary suspension of user activity to address the security incident. "The attack has been mitigated, and we have temporarily shut down the application to isolate the security incident," the company stated. Thanks to the prompt response from the CoinStats team, only 1.3% of all CoinStats wallets were affected, totaling 1,590 wallets. CoinStats emphasized that connected wallets and centralized exchanges (CEXes) were not impacted.
Extent of the Impact
CoinStats has yet to disclose the full extent of the impact on the affected wallets. However, they have promised to provide updates as more information becomes available. The company assures users that since it only requests read-only access to connected crypto wallets, users' holdings remain secure.
User Advisory and Precautions
CoinStats has published a Google document listing all the currently affected crypto wallets. They noted that the list might change as the investigation continues, but significant changes are not expected. Users whose wallet addresses appear on this list are advised to move their funds immediately using their exported private key.
Warning Against Scammers
Members of the crypto community have warned affected users to be cautious of scammers who might exploit the situation. Pseudonymous crypto commentator PPman cautioned, "Scammers are smart. If your address is on this list or if you’ve used CoinStats and posted about it, scammers may be trying to reach out to you to 'help'. Do not trust anyone."
Conclusion
While the security breach at CoinStats affected a small percentage of its wallets, the company's immediate response has helped mitigate further damage. Users are advised to stay vigilant, move their funds if necessary, and await further updates from CoinStats as they work to fully resolve the incident.