CoinDesk Fixes CMS Exploit That Leaked Headlines Before Publication

The vulnerability appears to have allowed someone accessing an API to trade on nonpublic information ahead of the publication of at least one article.

AccessTimeIconFeb 4, 2022 at 6:14 p.m. UTC
Updated Feb 4, 2022 at 7:09 p.m. UTC

Michael J. Casey is CoinDesk's Chief Content Officer.

CoinDesk has fixed an issue that exposed the headlines of articles saved as drafts in the crypto news publication’s content management system (CMS).

The exploit, which was brought to CoinDesk’s attention by a white-hat hacker, may have allowed unidentified actors to profit from nonpublic information by making trades ahead of the publication of at least one article.

The issue is now fixed and added safeguards have been put in place.

We regret this unintended deviation from our commitment to level playing fields in crypto markets.

Michael J. Casey, chief content officer

Kevin Worth, CEO

DISCLOSURE

Please note that our privacy policy, terms of use, cookies, and do not sell my personal information has been updated.

The leader in news and information on cryptocurrency, digital assets and the future of money, CoinDesk is a media outlet that strives for the highest journalistic standards and abides by a strict set of editorial policies. CoinDesk is an independent operating subsidiary of Digital Currency Group, which invests in cryptocurrencies and blockchain startups. As part of their compensation, certain CoinDesk employees, including editorial employees, may receive exposure to DCG equity in the form of stock appreciation rights, which vest over a multi-year period. CoinDesk journalists are not allowed to purchase stock outright in DCG.

CoinDesk - Unknown

Michael J. Casey is CoinDesk's Chief Content Officer.

CoinDesk - Unknown

Michael J. Casey is CoinDesk's Chief Content Officer.