If you use the My Portfolio feature (and you really should use the My Portfolio feature ) then you probably have created API keys on an exchange in order to connect your account. It is extremely important to make sure your keys are READ ONLY. Please see the screenshot below of how it should look on Binance:
Notice that "Enable Trading" and "Enable Withdrawals" are both unchecked.
This is important because it means that anyone that gets hold of your API key, including us, cannot actually transact on your account. The absolute worst thing someone can do with this API key, is obtain a copy of your transaction history. In other words, they cannot cause any real harm.
However, if you enable trading and withdrawals, someone with the key could actually withdraw your funds or seriously mess up your portfolio. Stay on the safe side and use read only api keys!
Can you share the KE server IP so we can also enable the "Restrict access to trusted IPs only" option?