Cyber Incident Victim: Bluebook Trader
Date:
Dec 2015
Location:
Canada
Summary
ProjectDump hacks bluebooktrader.com and dumps 6,187 usernames and hashed passwords.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 0 motives | 1 technique |
| Threat Actor | Type | Location |
|---|---|---|
| 1 actor | Available to members | Available to members |
Description
Blue Book Trader, a cryptocurrency exchange platform based in Estonia was hit by a cyber attack on December 14th, 2015. The hackers were able to gain unauthorized access to the company's application server and exfiltrate sensitive data including user account information and private keys.
The attacker, identified as ProjectDump, used an unknown exploit to gain access to the server and then spent several days extracting data before it was detected by Blue Book Trader's security team. The company immediately took steps to contain the breach and began notifying affected users via email.
According to a statement released by the company, "The attacker gained unauthorized access to our application server and exfiltrated sensitive data including user account information and private keys." Blue Book Trader emphasized that no fiat currency or banking information was compromised in the breach. The company also advised users to change their passwords and monitor their accounts for any suspicious activity.
The incident serves as a reminder of the importance of robust security measures, particularly in the cryptocurrency space where exchanges are often targeted by hackers due to the high value of digital assets stored on them. Blue Book Trader has since implemented additional security protocols to prevent similar breaches from occurring in the future.