YouHodler Follow up to VpnMentor Research
Recently, YouHodler was the subject of security research from VpnMentor, the results of which made international headlines. After doing some internal research of our own, YouHodler has more detailed information describing how this event occurred and supporting evidence proving no sensitive data was affected.
YouHodler data research concludes leak only affected 0.25% of information
After VpnMentor found and reported the issue to YouHodler, our team quickly worked to resolve it. YouHodler determined the so-called “leak” happened on the 5th of July, 2019 and was immediately fixed after the notification from VpnMentor. It was only after YouHodler fixed it, that the news spread to big-name publications like TechCrunch. Media that followed TechCrunch made several mistakes in reporting the correct data and misleading readers.
The event occurred for less than one month and was restricted to only one server which contains large amounts of testing logs. TechCrunch reported that the “database contained 86 million lines of daily updating records of the lending platform.” While that information is accurate, our findings prove that just 0.25% of those lines were related to client operations.
This “0.25%” included 272 emails, 16 bank wire transactions, and 8 card numbers. 0% of this data included CVV numbers or passwords because YouHodler does not store CVV or passwords in its logs. Some of the media outlets assumed the “identity” field was the CVV field, but it is not. To prove this, YouHodler says that the “identity” field is equal for every transaction, which cannot happen with a real CVV.
Why did this happen?
This event occurred because there was a refresh of our log systems which then resulted in an error on one of our servers. As stated earlier, this server did not contain a data base with sensitive data. It was a system log which does not contain all customer data. Commonly, it contains system operation statuses. YouHodler has fixed the problem and our security partners are coming soon with additional proof.
YouHodler’s membership to external dispute resolution service Blockchain Association
To give our clients an added sense of security in the rare event this happens again, we’d like to remind you that YouHodler has been an approved member of the Blockchain Association since December 2018. Recently, the Association officially recognized YouHodler for their 100% customer satisfaction rating.
Blockchain Association COO Nikolai Isayev stated that
“backed by the Commission’s paramount values of transparency, swiftness, and education, YouHodler entered the worlds of FinTech and digital currency offering a reliable safety net to their clients. Fortunately, they haven’t had to use it yet...YouHodler has received zero complaints from their clientele. This is a rare feat in the digital currency industry, so congratulations to all those at YouHodler and keep up the good work with supreme client relations.”
For future reference, the Blockchain Association offers free external dispute resolution services for all YouHodler clients if YouHodler cannot deliver with its own in-house client relations services. YouHodler, in collaboration with external security partners will run regular security audits in the future to prevent this from happening again.