We want to address a security incident that has recently come to our attention and provide full clarity to the community.
On April 15, one individual gained unauthorized access to an identity database server and illegally exported data. We have since received credible information, including direct evidence shared by a well-known member of the community, confirming that parts of this data were further distributed to third parties.
The individuals involved were not directly employed by Ice Labs. As mentioned in the past, Ice Labs worked with a third-party service provider that handled part of the operational side of the project, including coordination of development, design, product, and PR resources. The individuals responsible for this incident were part of that service provider’s team.
We have identified the individuals involved, and four former collaborators acted together in breaching their contractual confidentiality obligations and illegally sharing sensitive data.
We have already initiated formal proceedings, including a complaint filed with the Information Commissioner’s Office (ICO) and a criminal complaint with law enforcement authorities, to ensure that all responsible parties are held fully accountable.
It is important to clearly state what this incident does and does not impact.
User funds are safe. At no point were private keys, access credentials, or any information that could allow unauthorized access to user funds compromised.
The affected data includes identity key names, associated public keys, email addresses, and phone numbers used for 2FA. As a precaution, we strongly recommend that all users update their 2FA settings, including both email and phone-based authentication methods.
We are treating this matter with the highest level of seriousness and will pursue it to the fullest extent of the law. As we have done before, including successfully defending our name in legal proceedings against Intercontinental Exchange in the United States, we will take all necessary steps to ensure that those responsible are held accountable.
At the same time, this situation does not impact the continuation of the project. Development, product rollout, and ecosystem expansion continue without interruption. Our focus remains on building, delivering, and growing the Ice Open Network ecosystem.
As an additional measure, tomorrow we will run a migration on Online+ to further increase the security level. During this process, the platform may be temporarily unavailable or experience loading issues.
We will continue to provide updates as the situation progresses.