Emails from CoinMarketCap users in the wild
Popular among cryptocurrency enthusiasts, CoinMarketCap data aggregator suffered a data breach that resulted in the disclosure of millions of user emails.
According to the Have I Been Pwned site, 3.1 million emails (3,117,548) linked to CoinMarketCap accounts are for sale on hacking forums.
CoinMarketCap, acquired by Binance in April 2020, confirmed the information and explained that the list of leaked user accounts matched its user base:
“CoinMarketCap has learned that lots of data has appeared online claiming to be a list of user accounts. While the data lists we saw are just email addresses, we found a correlation with our subscriber base. “
How the data was disclosed is still unknown, but it is believed to have taken place on October 12, 2021. CoinMarketCap also explained that the hackers did not have access to account passwords and that the leak did not originate from of these servers.
“We have not found any evidence of a data leak from our own servers, we are actively investigating this issue and will update our users as soon as we have new information. “
Data breaches are common
Despite the absence of immediate risks, this leak nevertheless violates the privacy of users. It could also give malicious people the resources to carry out further attacks, especially since CoinMarketCap users have been the subject of phishing campaigns in the past.
Other companies in the crypto industry, including Celsius, Ledger, and BitMEX, have experienced similar leaks involving email addresses and even user personal information. Each of these leaks has occurred in the past 2 years.
In response to the data breach, CoinMarketCap recalled some basic IT hygiene rules:
“We encourage everyone to adopt good cybersecurity habits, and to have unique passwords on each site they use. “
👉 To read on the same subject: Crackdown in China: access to CoinMarketCap, CoinGecko and TradingView has been cut
About the author: Florent David
Engaged in the crypto ecosystem since 2017. I am particularly interested in decentralized finance (DeFi), Ethereum 2.0 and non-fungible tokens (NFTs).
All articles by Florent David.