CoinMarketCap Hack Leaks 3.1 Million Email Addresses

CoinMarketCap, a website that tracks crypto prices, has reportedly fallen victim to a hack. This caused 3.1 million (3,117,548) email addresses of users to be leaked.


Leaked email addresses

The information came to light after it emerged that the hacked email addresses were being traded and sold online on various hacking forums. This revealed’Have I Been Pwned‘, a website dedicated to tracking hacks and compromised online accounts.

CoinMarketCap, a subsidiary of Binance, confirmed that the list of leaked user accounts matched the userbase:

“CoinMarketCap has become aware that batches of data have emerged online claiming to be a list of user accounts. Although there are only email addresses on these lists, we have found a connection to our user base.”

While it confirmed the correlation of the 3.1 million email addresses with its userbase, the company assured that the hackers did not gain access to the passwords. “We have not found any evidence of a data breach from our own servers – we are actively investigating this issue and will update our users as soon as we have new information,” a CoinMarketCap spokesperson said.

Despite the confirmation, CoinMarketCap has yet to identify the exact cause of the hack. CoinMarketCap said the following:

“Since there are no passwords included in the data we saw, we think it most likely comes from another platform where users use the same passwords on multiple sites.”

A recent hack on the Coinbase crypto exchange resulted in 6,000 user accounts being compromised.


Cause of the hack

The attack was the result of misuse of the exchange’s multifactor authentication system (MFA). This suggests that the hackers had access to the user’s email addresses. According to Coinbase, the attackers identified a vulnerability in the account recovery process:

“In this incident, for customers using SMS for two-factor authentication, the third party took advantage of an error in Coinbase’s SMS account recovery process. They received an SMS token for two-factor authentication and thus gained access to your account.”

The value of the stolen assets has yet to be revealed by Coinbase. Thousands of formal complaints from users against the company have already been received.

If you click links in this post to buy something, we may earn a commission. Thanks.

Must Read

Related Articles

LEAVE A REPLY

Please enter your comment!
Please enter your name here