Nansen alerts users to security breach involving vendor

Some Nansen users had their email addresses, password hashes and blockchain addresses exposed in a recent third-party security breach

by Shalini Nagarajan /
article-image

Nansen’s Alex Svanevik | Source: Ian Walton for Blockworks

share

Blockchain data analytics platform Nansen recently suffered a security incident that exposed some users’ email addresses and passwords.

The breach appears to have originated from a third-party vendor whose system was compromised, allowing an attacker to obtain admin rights to an account used for granting customer access to Nansen.

Nansen CEO Alex Svanevik stated that the company became aware of the attack on Sept. 20. Initial investigations indicate that about 6.8% of its users are affected by the breach.

“These users had their email addresses exposed, a smaller portion also had password hashes exposed, and a last, smallest group also had their blockchain address exposed,” Svanevik said in an X post on Friday.

“We have informed our users via email if and how they’ve been affected,” he added.

Loading Tweet..

A Nansen spokesperson declined to disclose the name of the vendor, but said it has asked them to communicate on the incident publicly in case others are affected.

Nansen contacted affected users via emails sent from its official support@nansen.ai email address on Sept. 21 between 5 pm and 9 pm UTC, instructing them to reset their passwords.

The team also informed users that while their passwords are not stored in plaintext, malicious attackers could still attempt to gain access to accounts using the compromised password and email address.

Data breaches have become increasingly frequent in the industry of late.

NFT platform OpenSea told users about a data breach in June last year when staff discovered that email addresses had been shared with an external party.

Last month, ConsenSys disclosed that about 7,000 MetaMask users had their private information, including email addresses, compromised between Aug. 2021 and Feb. 2023.

Also in August, embattled crypto companies BlockFi and FTX also reported being indirectly impacted by a cybersecurity breach related to third-party claims administration platform Kroll.

Get the news in your inbox. Explore Blockworks newsletters:

Tags

Upcoming Events

Digital Asset Summit 2025

Old Billingsgate

Mon - Wed, October 13 - 15, 2025

Blockworks’ Digital Asset Summit (DAS) will feature conversations between the builders, allocators, and legislators who will shape the trajectory of the digital asset ecosystem in the US and abroad.

buy ticketslearn more

recent research

Research

by Research Team

news

article-image

0xResearch Newsletter

Cosmos drops Hub-native EVM in sudden pivot

Interchain Labs will focus on sovereign L1s and institutional demand, abandoning plans for smart contracts on the Cosmos Hub

by Macauley Peterson /
article-image

Empire NewsletterMarkets

Bitcoin treasury companies acquired 244,991 BTC in the first half of 2025: K33

Also, only three tokens have outperformed bitcoin so far this year: XMR, HYPE and SKY

by Katherine Ross /
article-image

Finance

Canary continues filing spree with staked Injective ETF proposal

The fund group has submitted proposals in recent months for other funds that would hold litecoin, solana, XRP, HBAR, Sui and others

by Ben Strack /
article-image

Lightspeed NewsletterMarkets

Solana rallies as risk appetite returns

Momentum’s back — BTC leads, risk assets follow

by Jeff Albus /
article-image

BusinessForward Guidance Newsletter

RWA-related M&A picks up as companies hunt for US licenses

Ondo Finance’s acquisition of blockchain development company Strangelove follows its buy of Oasis Pro

by Ben Strack /
article-image

Forward Guidance NewsletterMarkets

Inflation data, firing threats and policy updates: What’s moving markets

Cryptocurrency and stock traders alike had a lot to unpack Wednesday

by Casey Wagner /