Zimpapers Logo

Business Reporter
Zimbabwe’s leading cryptocurrencies exchange, Golix, has announced a series of security improvements to its protocols following a breach to 23 of its user accounts.

In the three weeks ending March 12, 2018, a team from Golix is said to have realised that there had been unsolicited access on user accounts.

During this period, a third party took advantage of email password vulnerabilities on 23 Golix accounts to facilitate transactions without the users’ consent.

Affected users noticed some changes to their accounts such as the conversion of their cryptocurrencies and the acquisition of additional cryptocurrencies through already held US dollar balances.

Golix is said to have followed the discovery of this information with an internal investigation to evaluate the full extent of the breach and to identify areas that needed to be addressed immediately.

Mr Nhalwenhle Ngwenya, the company’s director of communications said they have established that “no cryptocurrencies or funds were lost from the exchange as a result of this breach”.

“Contrary to information that has been miscommunicated in relation to this issue, the Golix exchange has not been hacked. Golix’s efforts to date, from the time the issue was first identified, has been working tirelessly to safeguard customers’ funds and to double up on existing security measures.

“Its efforts have been centred on improving account security for both Golix and users’ email accounts, especially through an awareness of best practices for account security.

“All customers have been advised to immediately start using Two Factor Authentication (2FA) for their Golix login and for their user emails as well,” said Mr Ngwenya.

He added that customers have also been encouraged to adopt unique passwords for their emails and for their accounts.

Golix is also calling on customers to adopt a strict approach to securing their account information especially when sharing their details online.

The exchange has also adopted additional measures that continue to prevent the unauthorised withdrawal of any form of currency from users’ accounts.

Affected customers are also being engaged.