Open Exchange Rates has announced a data breach that exposed the personal information and salted and hashed passwords for customers of its API service.
Open Exchange Rates provides an API that allows organizations to query real-time and historical exchange rates for over 200 world currencies. The service's web site states that their API is used by companies such as Etsy, Shopify, Coinbase, Kickstarter, and more.
In data breach notification emails sent today, Open Exchange Rates explains that while investigating a network misconfiguration that was causing delays in their service, they discovered that an unauthorized user had gained access to their network and a database that included user information.
... ...