CoinMarketCap, a cryptocurrency price tracking website, has been the victim of a hack that has leaked 3.1 million (3,117,548) user email addresses.
The information came to light after it was discovered that the hacked email addresses were being traded and sold online on various hacker forums, and was revealed by Have I Been Pwned, a website dedicated to tracking hackers and compromised online accounts.
CoinMarketCap, a subsidiary of crypto exchange Binance, confirmed that the list of filtered user accounts matched your user base:
“CoinMarketCap has noticed that batches of data have appeared online claiming to be a list of user accounts. Although the data lists we have seen are just email addresses, we have found a correlation with our subscriber base.” .
Although it has confirmed the correlation of the 3.1 million (3,117,548) user email addresses with its user base on October 12, the company has ensured that the hackers did not access any of the account passwords. “We have not found any evidence of a data leak from our own servers, we are actively investigating this matter and will update our subscribers as soon as we have any new information,” the CoinMarketCap spokesperson said.
Despite confirmation, CoinMarketCap has yet to identify the exact cause of the hack. In response to Cointelegraph’s request for comment, CoinMarketCap said:
“As there are no passwords included in the data we have seen, we think it most likely came from another platform where users may have reused passwords on multiple sites.”
A recent hack on crypto exchange Coinbase resulted in the compromise of 6,000 user accounts.
The attack was the result of exploiting the exchange’s multi-factor authentication (MFA) system, suggesting that hackers had access to users’ email addresses. According to Coinbase, the attackers identified a vulnerability in the account recovery process:
“In this incident, for customers using SMS texts for two-factor authentication, the third party took advantage of a flaw in Coinbase’s SMS account recovery process to receive a two-factor authentication token by SMS and obtain access to your account “.
Although the value of the stolen assets has yet to be disclosed by Coinbase, the incident was supplemented by thousands of formal complaints from account holders against the company.
Keep reading: