TypeForm Breach Serves Up Sensitive Data

Among the companies affected was Ocean Protocol, who offered credit monitoring to those impacted.

On June 27, 2018 the engineering team at data collection company, Typeform, reported a breach of its internal systems wherein an unknown third party gained access to sensitive information.

This is yet another breach in a series that have rocked the industry of late.

On the company’s website, Typeform offers the following explanation:

“On June 27, 2018, our engineering team became aware that an unknown third party gained access to our server and downloaded certain information. As a result of this breach, some data was compromised. We responded immediately and fixed the source of the breach to prevent any further intrusion.

Were you affected?

If you didn’t get an email, you weren’t affected.

For those affected, please check your email for specific information.”

The extent of clients affected by this breach is thus far unknown, due to GDPR constraints., Among the companies affected by the TypeForm data breach is blockchain startup, Ocean Protocol. The Founder of Ocean Protocol, Bruce Pon, reached out to the community after he became aware of the incident.

It was disclosed that 169 contributors from the Seed and private phase of Ocean Protocol were affected by the breach. According to Pon, TypeForm’s report indicated that a “hackers accessed the data that Seed and private Pre-Launch contributors.” Compromised data includes the hacker may have downloaded includes email, birthdate, place of birth, ID number, nationality, wallet address, scans of identity documents, proof of residence, proof of accreditation. For United States participants, Social Security Numbers were also exposed.

Pon said that his team trying to work with TypeForm to see if the data was stored in an encrypted manner, which might protect the information. However, if the data was not encrypted when it was stored, hackers certainly got to it.

In a bid to make things right, Ocean Protocol is committed to helping those affected:

“We will pick up the fees for Credit Report Monitoring for two years. Sign-up and send us the bill. Find out more here:

US — Credit Monitoring Service

Germany — meineSCHUFA plus

UK — Experian Credit Monitoring

Anyone can ask to change their wallet address prior to the network launch.”

Ocean Protocol also has taken measures to secure customer data with multi factor authentication and/or encryption. The company has made certain that data that has been held outside of the organization has been erased with the exception of DocuSign contracts, Zendesk ticketing tools, as well as mailing lists on Zoho and Mailchimp.

MetaCert is committed to safeguarding all information we collect concerning our public and private token sale for the MetaCert Protocol.

The MetaCert Protocol is a trust and reputation threat intelligence system for verifying web resources. It addresses a number of attack vectors, encompassing solutions for anti-phishing, child safety, brand protection, crypto-address verification, and news credibility. Find out more about the MetaCert Protocol, ask questions, and leave suggestions on both our White Paper and Technical Paper. You can also join our Telegram community to stay up to date on our blockchain project. Remember to install Cryptonite to protect yourself from phishing scams before it’s too late.