According to Have I Been Pwned, 3.1 million email addresses associated with CoinMarketCap accounts were purportedly exchanged on hacker forums.
CoinMarketCap, a cryptocurrency price monitoring website, has purportedly been hacked, exposing 3.1 million (3,117,548) user email addresses.
The information became public when the stolen email addresses were discovered being bought and sold online on different hacker forums, as well as being reported by Have I Been Pwned, a website devoted to monitoring hacks and compromised internet accounts.
CoinMarketCap, a subsidiary of Binance, verified that the list of leaked user accounts matched the exchange’s user base: “CoinMarketCap has become aware that batches of data claiming to be a list of user accounts have appeared online. While the data lists we’ve seen include solely email addresses, we’ve discovered a link to our subscriber base.”
While the business confirmed the linkage of the 3.1 million (3,117,548) user email addresses with its user base on Oct. 12, it claimed that the hackers did not have access to any of the user account passwords. “We have not discovered any indication of a data breach from our own systems – we are currently researching this matter and will notify subscribers as soon as we learn of any new information,” a CoinMarketCap spokeswoman stated.
Despite the confirmation, CoinMarketCap has not yet determined the precise source of the attack. CoinMarketCap said in response to Cointelegraph’s request for comment: “Because the data we have seen contains no passwords, we assume it was most likely received from another network where individuals reused passwords across several sites.”
A recent attack on the Coinbase cryptocurrency exchange exposed 6,000 user credentials. The incident occurred as a consequence of the exchange’s multifactor authentication (MFA) mechanism being abused, implying that the hackers gained access to the users’ email addresses. Coinbase reports that the attackers discovered a flaw in the account recovery process:
“In this event, a third party exploited a weakness in Coinbase’s SMS Account Recovery procedure to get an SMS two-factor authentication token and gain access to your account for customers who utilize SMS texts for two-factor authentication.”
While Coinbase has not disclosed the amount of the stolen assets, the event was accompanied by hundreds of official complaints lodged against the firm by account holders.
Also Read: 200 Bitcoin ATMs Installed At Walmart… With Plans For 8,000 In Total
Wallets