Nansen stopped the malicious activity shortly after the affected vendor informed them about the incident, but the ensuing investigation confirmed that user data was compromised.