CoinMarketCap was reportedly breached, and around 3.1 million user email addresses were exposed online. The price-tracking website has confirmed this breach but has stated that it is looking at the origin of the breach.
Details of this breach were exposed after the hacked email addresses were located on multiple hacking forums, where the data was being traded. The email addresses being sold were identified by Have I Been Pawned, a website that tracks hacking attacks and breached online accounts.
CoinMarketCap Confirmed Breach
CoinMarketCap is an affiliate firm of the Binance cryptocurrency exchange. The tracking platform confirmed the breach stating that the email addresses correlated with what it had on its user base.
“CoinMarketCap has become aware that batches of data have shown up online purporting to be a list of user accounts. While the data lists we have seen are only email addresses, we have found a correlation with our subscriber base,” the statement by CoinMarketCap stated.
However, while CoinMarketCap confirmed that the email addresses being sold on hacking forums correlated to data on their systems, the price tracking firm stated that the threat actors did not gain access to account passwords.
“We have not found any evidence of a data leak from our own servers – we are actively investigating this issue and will update our subscribers as soon as we have any new information.”
While users are relieved by the statement that none of their account passwords were compromised, there is still fear of threat actors using the information to launch other attacks. The most common form of attack that can result from this breach is phishing attacks where threat actors seek to gain access to the accounts of users by tricking them into sharing their passwords and other critical information.
Similar Occurrences in the Past
The crypto market is a major target of threat actors. Data leaks are a common occurrence in this sector, given that the space is mostly digitalized, making it the perfect focus by threat actors who are looking to cash in from the growing adoption.
Other crypto firms such as BitMEX and Ledger have also been victims of similar data leaks. These leaks have inconvenienced millions of customers, who remain worried about their details being sold on dark web forums.
Ledger, a hardware wallet provider, suffered a similar breach in 2020 where the personal details of users were exposed and published on multiple online forums. While this data is not compromising on its own, it can be used to phish for more information or conduct brute-force attacks on user accounts.
Looking to buy or trade Crypto now? Invest at eToro!
67% of retail investor accounts lose money when trading CFDs with this provider