Trusted

CoinMarketCap Warns Customers About Duplicating Passwords After Alleged Hack

2 mins
Updated by Leila Stein
Join our Trading Community on Telegram

In Brief

  • CoinMarketCap has released its findings into an alleged breach of its platform.
  • It established that the leak of email addresses was not a result of a cyber attack on their servers.
  • The leaked email addresses were obtained from other lists unrelated to CoinMarketCap.
  • promo

CoinMarketCap has released part of the findings from its investigation into a recent hack that saw over three million email addresses, allegedly from the platform, trading on hacking forums.

The cybercriminals took a list of email addresses leaked in another breach. They then compared them with other leaked data to create a list of email addresses supposedly from CoinMarketCap.

Following its investigation, CoinMarketCap confirms its servers were not the source of the breach. Instead, the platform believes that affected users used the same password for their CoinMarketCap accounts and other accounts. This was after a thorough check of their servers and a lack of passwords among the leaked data.

“As no passwords are included in the data we have seen, we believe that it is most likely sourced from another platform where users may have reused passwords across multiple sites,” says the team in a post.

The date of this “breach” was 12 October 2021 and involved 3,117,548 email addresses. However, no monetary losses have been announced due to the leak. This is in comparison to severe incidents like the Cryptopia attack, where significant sums were paid to claimants.

Therefore, without the possession of passwords, it seems unlikely that any funds will be lost.

“We urge everyone to adopt good cybersecurity habits and to have unique passwords on every site they use,” the team says.

Insurance for losses for each hack

CoinMarketCap belongs to the global exchange Binance. Binance purchased the company in March 2020 for an undisclosed price.

Coinbase, Binance’s direct competitor, recently experienced a hack by exploiting its Multi-Factor Authentication system. Over 6,000 customers’ funds lost funds through compromised passwords, email addresses, and phone numbers.

This was likely a social engineering scam. This is a scam where victims unwittingly divulge personal information, which the hacker then uses.

To Coinbase’s credit, they possess crime insurance that can replace assets lost through theft or cybersecurity breaches, and they were able to pay back the funds into user accounts. Overall, this kind of insurance has become increasingly necessary as hackers have identified cryptocurrency as a lucrative area of opportunity.

Hacker forums a breeding ground for KYC data trading

Data trading on hacker forums is nothing new. In March, a hack against Indian payment and wallet service provider MobiKwik saw 8.2TB of Know-Your-Customer (KYC) data compromised.

The data was allegedly available for sale on a hacker forum at 1.5 BTC. The seller set up a portal where a user could search by using a phone number or email address and get specific results from the 8.2TB of data.

Top crypto projects in the US | October 2024
Coinbase Coinbase Explore
Coinrule Coinrule Explore
3Commas 3Commas Explore
Uphold Uphold Explore
Chain GPT Chain GPT Explore
Top crypto projects in the US | October 2024
Coinbase Coinbase Explore
Coinrule Coinrule Explore
3Commas 3Commas Explore
Uphold Uphold Explore
Chain GPT Chain GPT Explore
Top crypto projects in the US | October 2024

Disclaimer

In adherence to the Trust Project guidelines, BeInCrypto is committed to unbiased, transparent reporting. This news article aims to provide accurate, timely information. However, readers are advised to verify facts independently and consult with a professional before making any decisions based on this content. Please note that our Terms and ConditionsPrivacy Policy, and Disclaimers have been updated.

David-Thomas.jpg
David Thomas
David Thomas graduated from the University of Kwa-Zulu Natal in Durban, South Africa, with an Honors degree in electronic engineering. He worked as an engineer for eight years, developing software for industrial processes at South African automation specialist Autotronix (Pty) Ltd., mining control systems for AngloGold Ashanti, and consumer products at Inhep Digital Security, a domestic security company wholly owned by Swedish conglomerate Assa Abloy. He has experience writing software in C...
READ FULL BIO
Sponsored
Sponsored