According to a Feb. 19 status update, the IOTA Foundation strongly recommends users of the Trinity Wallet to immediately change their passwords and use the seed migration tool to protect their assets. Trinity users who opened or updated their wallets between December 17th, 2019 and February 18th, 2020 may be vulnerable.
Patch to Trinity Wallet removed MoonPay
IOTA currently runs on their dedicated network Tangle — not blockchain — but Coordinator, a node on the network to help prevent attacks, is on hold following the recent breach. The desktop version of Trinity Wallet was found to be vulnerable after hackers attacked a number of high-value accounts on Feb. 12, gaining access to private wallet keys.
MoonPay, a service that allows users to purchase IOTA directly, was discovered to be the gateway to the breach. The MoonPay feature does not appear in the patched version of Trinity Wallet for desktop users released by the foundation following the attack.
Credit card details “unlikely to have been compromised”
Despite requesting its users to monitor for any suspicious activity and immediately change their passwords, IOTA mentioned it was unlikely for any credit card details to have been affected by the breach:
“...we want to inform users who have input their credit card details into the Trinity Wallet that, to the best of our knowledge, their credit card information is unlikely to have been compromised by this security incident.”
This assurance belies the serious nature of the breach. Hackers may have obtained a number of seeds from IOTA users, and may find others who do not promptly use the migration tool as the foundation suggests.
Cryptocurrencies like IOTA are still finding their feet when it comes to data breaches and working with existing blockchain technology. The company had to shut down for 24 hours in December 2019 following a mainnet incident.