‘Analysis Ongoing’: Nifty Gateway Addresses NFT Security Concerns

The popular NFT marketplace suggests users use strong passwords and enable two-factor authentication.

AccessTimeIconMar 15, 2021 at 5:18 p.m. UTC
Updated Sep 14, 2021 at 12:26 p.m. UTC
10 Years of Decentralizing the Future
May 29-31, 2024 - Austin, TexasThe biggest and most established global hub for everything crypto, blockchain and Web3.Register Now

Nifty Gateway, the popular non-fungible token marketplace, warned in a statement that a small group of its users experienced “account takeovers.” Victims have claimed they either had their NFTs stolen or NFTs purchased using their credit card information and then stolen.

  • In its statement Nifty said, “Our analysis is ongoing but our initial assessment indicates that the impact was limited, none of the impacted accounts had 2FA enabled, and access was obtained via valid account credentials.”
  • Two-factor authentication (2FA) is not currently mandatory on Nifty Gateway, but that may be changing. 2FA is an extra layer of security that forces someone to provide two pieces of evidence proving his or her identity when trying to access an online account. Usually it comes in the form of a password and a unique code for one-time use. 
  • “A few users were targeted and got their passwords compromised,” said Nifty Gateway co-founder Griffin Cock Foster on Twitter. “In the meantime, make sure you have Authy 2fa turned on, it would have prevented this!! We are strongly exploring making Authy 2fa mandatory for anyone who has made a purchase, but no commitments there yet.”
  • NFTs have exploded in popularity in recent months, with one piece of digital artwork by the artist Beeple selling for $69.3M in ETH on Friday. 

This is a developing story and will be updated.


Please note that our privacy policy, terms of use, cookies, and do not sell my personal information has been updated.

CoinDesk is an award-winning media outlet that covers the cryptocurrency industry. Its journalists abide by a strict set of editorial policies. In November 2023, CoinDesk was acquired by the Bullish group, owner of Bullish, a regulated, digital assets exchange. The Bullish group is majority-owned by Block.one; both companies have interests in a variety of blockchain and digital asset businesses and significant holdings of digital assets, including bitcoin. CoinDesk operates as an independent subsidiary with an editorial committee to protect journalistic independence. CoinDesk employees, including journalists, may receive options in the Bullish group as part of their compensation.

Learn more about Consensus 2024, CoinDesk's longest-running and most influential event that brings together all sides of crypto, blockchain and Web3. Head to consensus.coindesk.com to register and buy your pass now.