Final Update on 13 November, 2020 Security Incident

This is the final report regarding the security incident that occurred on November 13, 2020 due to unauthorized access of our account with our domain service provider.

For more details on the incident, please refer to the Security Notice announcement made on November 18, 2020.

Since November 13, 2020, we have conducted a thorough investigation into the security incident and would like to share the results of our investigation.

1. Investigation results

On November 13, 2020 (Friday), a malicious third party was granted control of one of our domains hosted at GoDaddy.com, which led to the breach of our system infrastructure.

After conducting a thorough in-house investigation with the cooperation of various service providers, we were able to obtain data logs that provided more information on the extent of access to our system by the third party. While we were able to conclude there was access to customer information, there was insufficient information in the data logs to conclusively determine the actual scope of data that was in fact accessed by the third party. The results of our investigation are as follows:

• We have determined that certain personal and account information (email addresses, names, encrypted passwords and API keys) belonging to accounts that were opened prior to November 12, 2020 was accessed by the third party. 
• We have determined that personal information (including identification documents, selfies and proof of address) stored on our servers belonging to accounts that were opened on or prior to October 31, 2018 may have potentially been accessed by the third party.  
• Information in email communications to or from our email domain made between 05:58 (JST) on November 13, 2020 and 01:39 (JST) on November 14, 2020 may have potentially been accessed by the third party.

At present, we are not aware of any verifiable instances of unauthorized use of a customer's personal information following the security incident. However, we will continue to closely monitor the situation.

2. Potential consequences following the incident

As mentioned in the blog, there is a risk that personal information obtained may be used, for example, in instances of identity theft. It is also possible that you may experience an increase in spam emails and phishing attempts. 

In relation to phishing, please be aware of the possibility of email spoofing attacks directing you to fake Web servers that might be more sophisticated and harder to detect as a result of the use of your personal identifiable information.

3. Steps we have taken

In response to the incident, we have taken the following countermeasures:

• On December 17, 2020, we completed the migration of the impacted domain account to a domain service provider with more advanced account security management options.
• On January 4, 2021, we completed the transition of Liquid to a cloud service provider with superior security and management processes.

We are currently making other improvements to our system risk management framework, and we will continue to improve the security system so that we can give our customers peace of mind.

4. What you should do

As a security measure, we ask that you update your Liquid account password and 2FA at your earliest convenience if you have not already done so. 

If you are unsure of how to reset your password and 2FA, please contact our customer support team. 

In addition, we ask that you review your Liquid account information (including transaction details, login history, account balance, etc) to confirm that there are no abnormal activities in your Liquid account. Please be wary about occurrences such as frequent notifications on password change attempts and emails asking you to provide your password. If you find any suspicious activity in your account, please contact us immediately.

We deeply and sincerely apologize for the anxiety and inconvenience caused to all of our customers. We take this situation very seriously and will endeavor to further strengthen our system management and security to prevent this from reoccurring. We take a harsh stance against criminal acts, such as unauthorized access, that threaten the wellbeing of our users.

We appreciate your understanding and cooperation. 

If you have any questions or inquiries regarding this, please contact us below. 

Liquid Customer Support: support@liquid.com

Liquid Media: media@liquid.com