Golix, Zimbabwe’s largest cryptocurrencies’ exchange has been dealing with issues to do with account and user security.
In a communication shared with its customers, the Golix team announced how some of its users’ accounts had been accessed without their consent in the past few weeks.
According to Golix, this unauthorised access did not result in accounts being emptied, however, some of the users noticed that currencies were bought and sold using their accounts. The company’s notification has also highlighted that Golix was not hacked.
As part of the measures taken by Golix, the company is encouraging its users to take steps to enhance email and account security.
You can read the full communication that Golix sent to its customer below.
Dear valued customer,
Please be advised that in the three weeks leading up to the 12th of March 2018 we noticed that a limited number of Golix accounts fell victim to unsolicited third party access.
The information gathered so far indicates that this malicious activity was carried out through compromised user email accounts.
As a result of this intrusion, affected users have noticed some changes to their accounts such as the conversion of their cryptocurrencies and/or the acquisition of additional cryptocurrencies through already held US dollar balances.
This issue is a priority for us, as are all matters pertaining to account security.
We have a technical team that has been making changes to our systems and has already put in place measures that prevent the withdrawal of any form of currency from users accounts.
Thanks to these efforts, we have successfully ensured that no funds are withdrawn from any account without full verification.
These measures, however, cannot work in isolation.
For additional security protocols, we encourage you as a Golix account holder to do the following
- Change your Golix account password by clicking on “Forgot password” before you login into your account
- Enable two factor authentication using Google Authenticator on your Golix account
- Change your email password
- Enable two factor authentication on your email account using Google Authenticator or other 2 factor options that are not SMS that may be provided by your email provider
- Do not use the same password for both your email and your Golix account
- If possible, use a password generator to generate the email password for you.
- Avoid accessing your internet service over unsecure / untrusted internet services that you do not know are legitimate and verified internet providers
- Avoid using your name, surname, children’s names, birthdays and other common attributes as your password
- Avoid accessing your email and Golix account on public internet services like internet cafes
- Do not share your password for any account you have with anyone
- Take note of possible phishing attacks on your email – these are “attacks” that trick you into clicking on links in suspicious emails that come through your account which may lead to loss of private data.
Please safeguard your privacy when it comes to information about your Golix account or how you deal with cryptocurrencies. Be very cautious about sharing unnecessary information about these issues, especially on public forums like WhatsApp and Telegram Groups and on social media.
If you have any challenges with your account please contact us via email or on any of our numbers and social media platforms.
The Golix Team