Analysis of Web3 Data Breach Incidents and Protective Measures

With the development of network technology, the main threats faced by individuals, businesses, and organizations come from network vulnerabilities and attacks. Data privacy and personal privacy have become particularly important, and there are countless cases of sensitive data loss each year due to vulnerabilities.

There have been several major security incidents in the history of Web3, from the loss of private keys by exchanges to the theft of personal data from investors. This data may exist on hacker forums and dark web markets for many years, putting affected users at long-term risk.

A security company analyzed 74 security incidents that occurred in Web3 entities. Among them, 23 incidents resulted in a high risk of long-term data loss, and 10 data packets are still available for purchase on dark web forums.

Law enforcement activities targeting hacker forums can prevent certain data from being extracted, but this is only a temporary solution. We need to understand the classification of Web3 data breach incidents and take measures to protect data security.

Classification of Web3 Security Incidents

Web3 security incidents can be broadly divided into two categories:

1. Malicious Use of Protocol: Events that exploit smart contract code to obtain economic benefits.

2. Vulnerability: An incident where attackers compromise the internal network of the target organization to steal company data or funds.

Malicious exploitation of protocols usually occurs within a defined time frame, with a clear beginning and end. In contrast, vulnerabilities are ongoing events that may lead to long-term data leaks.

Among 74 sample events, 23 cases (31%) can be classified as retrievable data events, while the remaining 51 are abnormal events or only suffered financial losses. After 2019, the number of retrievable data events increased significantly.

Where Stolen Data Goes

Lost data usually eventually appears in:

• Dark web (.onion site )
• Telegram Channel
• Online Hacker Forum

The final destination of the data determines the long-term risk it poses to the original owner. Compared to data that can only be purchased on the dark web, data obtained for free on hacker forums has a higher risk of leakage.

Multiple violation incidents have chosen the Raid forum as the preferred data selling platform, but this forum was shut down in 2022. Subsequently, the Breach forum took its place, but it was also closed in March 2023. Currently, the hacker forum community is rather chaotic, and it is unlikely to become a major channel for significant data leaks in the short term.

The dark web markets and forums have always been places for dumping or selling data. In 23 retrievable data incidents, there were 10 instances of (43%) with active sales advertisements on the dark web market.

Long-term Risks of Data Breaches

It is difficult to quantify the long-term risks of data breaches, but they can be compared to non-data-related incidents:

• The risk of violations that only result in direct financial losses is relatively low.
• The risk of incidents involving the loss of sensitive data (, especially customer data ), is greater.
• Data lost after 2019, especially those that are still easy to sell in dark web markets, pose the highest ongoing long-term risk.
• The data of those affected from 2022 onwards is almost certain to face significant risks of being used for fraud.

Protective Measures

Although security vulnerabilities cannot be completely eliminated, we can take the following measures to reduce risks:

1. Limit the number of centralized services used
2. Use two-factor authentication
3. Consider changing the leaked information such as email, phone (.
4. Diversify assets by storing them in self-custody wallets and hardware wallets.
5. Reduce sharing personal data with centralized Web3 institutions
6. Different platforms use different passwords
7. Enable Two-Factor Authentication
8. Monitor Data Breach Report Website
9. Use credit monitoring services to prevent identity theft and bank fraud.

By taking these measures, we can protect our data and asset security as much as possible and reduce the risk of becoming victims of Web3 security incidents.

![Why do I always receive "Exchange Delisting" SMS? Learn about the classification of Web3.0 data leak events and protection measures in one article])https://img-cdn.gateio.im/webp-social/moments-b8ac8d5fad7d4f04ac28a4ebc0973d30.webp(

![Why do I always receive "Exchange Withdrawal" text messages? Learn about the classification of Web3.0 data leakage incidents and protection measures in this article])https://img-cdn.gateio.im/webp-social/moments-677c49a80a89df69debb34ff4d49c1c4.webp(