Despite an unauthorized party infiltrating Etana’s system, a spokesperson from the company indicated to reporters that no client funds were impacted.
A widely quoted memo from Etana Custody states that its “client user interface was accessed by an unauthorized external party” on April 18.
The document emphasizes that “no client assets or securities, including fiat or digital currencies were affected and no unauthorized withdrawals or transfers were made.”
Etana provides funding for Kraken users’ U.S. dollar, euro, Canadian dollar, British pound and Japanese yen balances.
Certain user data may have been compromised
While funds are reportedly safe, the firm notes that users’ personally identifying information including names, email addresses, physical addresses, and phone numbers may have been compromised.
Etana states that no passports, government-issued IDs, or driver’s license numbers are accessible to the hackers. The document says that internal security systems were triggered by the breach, which has since been neutralized.
Two DeFi protocols escape hacks unscathed in one week
In recent weeks, two separate attacks targeting decentralized finance, or DeFi, protocols have fortunately seen no funds compromised.
On April 19, Chinese DeFi platform, dForce, lost 99.95% of locked funds in a breach that exploited a known vulnerability in the ERC-777 token standard by targeting the stablecoin, imBTC. However, after leaking identifying data, the hacker returned the nearly $25 million in stolen funds three days later.
After unsuccessfully attempting to liquidate the funds, the miners sent the tokens to a burn address and claimed to have been conducting an innocent penetration test.