UPHOLD Data Breach

Malicious Actor

Another day, another data breach. I received a report of a data breach at UPHOLD yesterday, on June 6, 2018. This follows last week’s report of the major data breach at Marriott Hotels and, of course, the earlier massive Equifax breach, in which the personal data of more than 145 million people was compromised. The one part I wholeheartedly agree with is that financial institutions have been facing phishing attacks of unprecedented sophistication. Do not be so naïve as to assume your bank or your financial service provider can protect the information you provide.

I have an UPHOLD account for trading Cryptos and, as per financial regulations, in order to open my account at UPHOLD I was required to submit personal information in my application to meet KYC regulations. This requirement included a copy of a government-issued photo ID, so I provided my Driver’s License along with information on my financial accounts. UPHOLD operates a so-called on/off ramp to fiat currency by linking UPHOLD accounts to regular bank debit cards/accounts, allowing users to cash in and cash out of various Crypto currencies. I was attracted to UPHOLD for this reason and for UPHOLD’s clever business process, through which they largely mitigate volatility of account assets. Great, now please just provide me the services without losing all my identity data.

Didn’t quite turn out the way I expected, and as a result another “Malicious actor”, their words not mine, has at a minimum my name and my email address. Seems suspect to me that the same Malicious actor would stop after penetrating UPHOLD’s database for account holders’ names and email addresses only, but let’s give UPHOLD the benefit of the doubt and assume they are being honest with me in reporting this breach. The point I am making is that KYC continues to be a dramatically powerful enabler of identity theft. We need to reduce the amount of personal information KYC compliance is forcing service providers to acquire from their customers. As has so often and repeatedly been demonstrated, there is a failure to protect our sensitive personal identities. Providers in the financial services industry, who should be at the pinnacle of cyber protection practices, appear totally inadequate in protecting our sensitive data. The obvious question everyone should be asking is why we so gleefully and willingly surrender our electronic identities online, and is there not a better way to fight money laundering and crime than subjecting so many millions of law-abiding citizens to the dangers of ID theft?

Dear Uphold Member,

We experienced a security incident on November 21st and have now completed our investigation. I write to explain what happened, how we handled the situation, and how we can work together to defeat such attacks in the future.

What happened

As you may have read in the media, financial institutions have been facing phishing attacks of unprecedented sophistication in recent months. Uphold is no exception.

First, I’d like to reassure you that Uphold was not hacked and no customer funds were stolen. Your accounts remained safe throughout the incident and our security measures worked as planned.

The incident resulted from an attack on our account at a third-party email services provider. We were one of several companies affected. A malicious actor created a fake newsletter titled, ‘Black Friday 15% discount on BTC’ and sent it to Uphold customers. The communication looked like an Uphold email, and owing to the exceptional nature of the breach, came from Uphold’s email address.

We are deeply sorry for the incident and have been busy conducting a review of our security controls and procedures. Keeping your information secure is of paramount importance. As a result, we’ve introduced a series of measures to reinforce our position as one of the most secure financial platforms.
