CoinMarketCap, a price-tracking web site for cryptocurrencies, has reportedly fallen sufferer to a hack that leaked 3.1 million user email addresses.
The info got here into mild after the hacked email addresses have been discovered to be traded and offered on-line on varied hacking boards, and revealed by Have I Been Pwned, an internet site devoted to monitoring hacks and compromised on-line accounts.
CoinMarketCap, a subsidiary of Binance cryptocurrency trade, confirmed that the listing of leaked user accounts matched its userbase:
“CoinMarketCap has become aware that batches of data have shown up online purporting to be a list of user accounts. While the data lists we have seen are only email addresses, we have found a correlation with our subscriber base.”
While confirming the leak of 3.1 million (3,117,548) user email addresses on Oct. 12, the corporate has assured that the hackers didn’t acquire entry to any of the account passwords. “We have not found any evidence of a data leak from our own servers — we are actively investigating this issue and will update our subscribers as soon as we have any new information,” CoinMarketCap spokesperson mentioned.
Despite the affirmation, CoinMarketCap is but to establish the precise explanation for the hack.
CoinMarkatCap didn’t instantly reply to Cointelegraph’s request for remark.
Related: Hackers exploit MFA flaw to steal from 6,000 Coinbase clients — Report
A latest hack on the Coinbase crypto trade resulted within the compromise of 6,000 user accounts.
The assault was a results of exploiting the trade’s multi-factor authentication (MFA) system, which means that the hackers had entry to the user’s email addresses. According to Coinbase, the attackers recognized a vulnerability within the account restoration course of:
“In this incident, for customers who use SMS texts for two-factor authentication, the third party took advantage of a flaw in Coinbase’s SMS Account Recovery process in order to receive an SMS two-factor authentication token and gain access to your account.”
While the worth of stolen property is but to be revealed by Coinbase, the incident was complimented by 1000’s of formal complaints from the account holders towards the corporate.