CoinDCX, the Indian crypto exchange, on Friday said some of its user data was exposed due to a security breach at Mixpanel, a third-party service provider.
In an email to the users, the CoinDCX said the breach did not affect its infrastructure and that their funds were safe.
Notably, Mixpanel, which provides data analytics services to CoinDCX, suffered a security breach on November 8.
The US-based company told CoinDCX on November 25 that some of its data was accessed after the “security incident”.
“They (Mixpanel) confirmed that some of our CoinDCX users’ data was accessed.
The security incident didn’t target CoinDCX specifically and included the broader customer base of Mixpanel.
Mixpanel has no access to CoinDCX infrastructure or users’ funds,” CoinDCX told users in an email communication.
CoinDCX has initiated a full review of Mixpanel’s security posture, data minimisation, and its internal vendor risk processes.
The company has informed users that it has collaborated with its service provider to confirm the containment of the breach.
CoinDCX has further cautioned users to stay alert to unsolicited calls, messages, or phishing emails, including requests for OTP (one-time password), passwords, PINs, bank details, and links to social media groups impersonating official company communication.