# Internal Service Provider Attack

This is a common source of loss for custodial services. Employees often have access to the databases and servers hosting the company's keys. The Shapeshift exchange was the victim of [one such attack](https://web.archive.org/web/20160421170714/https://www.coindesk.com/digital-currency-exchange-shapeshift-says-lost-230k-3-separate-hacks). Other exchanges have been attacked not by employees but by attackers who gained access to employee [credentials](https://web.archive.org/web/20150706043206/http://www.coindesk.com/unconfirmed-report-5-million-bitstamp-bitcoin-exchange/) or laptops. Employees are also in the best position to push out malicious software to their unwitting customers.

**Mitigation:**

* Not your keys, not your coins. Use sovereign products that give you key control.
* Redundancy: your key management system should not depend on trusting a single manufacturer or a single piece of software. For example, if using hardware wallets, the wallet firmware can provide checks and balances on the provider of your key management software.
