A few weeks ago, the DADI Cloud platform invited users to submit their information to complete its know your customer (KYC) procedure to take part in its initial coin offering (ICO).
Interested users submitted their information, the DADI team seemingly received it, and the ICO went and completed its run as planned.
dadi faces data leak after alleged hack, blames third party email service
However, problems started arising when the users who had submitted their information to the website started receiving phishing emails. The emails reportedly try to mask the sender ID by posing as being from the DADI platform, asking for additional private data.
For instance, the actual email address of the DADI platform is “[email protected]”, but the phishing email seems to be from “[email protected]”. The phishers are also reportedly using other techniques to dupe unsuspecting recipients into sharing their private keys and other financial data.
When users who have been receiving these emails voiced their concerns to DADI, the answer which they received from the platform was that its third party email vendor had been hacked.
“The details are a result of the compromise of an external email service that occurred on February 1st. This is the only information that was stored on that service.” A DADI official wrote on Reddit.
“An external email service we were using for campaign management had user’s names and email addresses.” They clarified further.
Users are advised to be vigilant about such emails – in and out of this DADI phishing aspect – and to always double check the senders’ address before clicking on any link.
In any case, no private or financial information should be shared in result of an out of the blue email that asks for such details.