During a very short period of time on July 20th, 2021, an unknown third party attempted to register thousands of Nexus Equity accounts in rapid succession. We detected this automated activity within minutes and blocked it from continuing further.
If you don’t want to use Nexus Equity, you don’t have to do anything! The account that the third party attempted to register on your behalf has already been deleted.
No. At no point was anyone’s data exposed, nor was it ever in danger of being exposed.
Out of an abundance of caution, we have deleted all the accounts created during the brief period of time when the automated activity occurred. We are retaining the email addresses used by the third party only long enough to notify those users affected, and then we will be purging the email addresses from our systems.
We are aware that some legitimate users registered accounts while the automated activity was occurring. Unfortunately, a few of those accounts will also be deleted by this purge. We’re sorry if you’re one of these affected users! If that is you, please create a new account and reach out to our support team.
The vast majority of the email addresses used during this automated attempt to create accounts were not already associated with Nexus Equity users. We are a privacy-conscious company and we don’t keep any lists of emails addresses for non-users. This confirms that we were not the source of this data.
If you received an unexpected email saying someone attempted to register an account on your behalf at Nexus Equity or any other online service, your email address may have been included in publicly available breach data. Trusted third-party tools like Have I Been Pwned? are a useful resource for finding out if your email address has been seen in breach data, and in which data breaches it may have been seen.
In general, especially if your email address has appeared in breach data, you’ll want to follow security best practices like changing your existing passwords, never reusing passwords, and using non-SMS Two Factor Authentication on any account that supports it. Password managers like 1Password are essential tools that should be utilized to ensure you’re using unique and secure passwords.