And this weekend arrived with quite serious bulletins around the crypto industry. An Israel based crypto exchange, Coinmama suffered a massive data breach. It has been revealed that about 450000 users were affected and their emails and hashed passwords were breached.
Coinmama Suffered Data Breach
A quick Reddit post and twitter handle explain that the Coinmama, a cryptocurrency exchange has faced security breach on February 15, 2019. Although the exchange informs its users immediately, the hack left a negative mark on the trading platform.
— Jacob Canfield🔰(Official Account) (@JacobCanfield) February 16, 2019
It has also revealed via exchange’s official website that around 450,000 email addresses, as well as the passwords, were leaked from the trading platform. The incident comes amidst the multi-platform hack counting 24 companies affected with the total of 747 million records leaked from travel booking, streaming, and gaming sites. As per the exchange, the data of those users have been posted on a dark web registry.
Today, February 15, 2019 Coinmama was informed of a list of emails and hashed passwords that were posted on a dark web registry. Our Security Team is investigating, and based on the information at hand, we believe the intrusion is limited to about 450,000 email addresses and hashed passwords of users who registered until August 5th, 2017. This comes as part of a larger breach affecting 24 companies and a total of 747 million user records.
As quickly as the incident happened, the exchange published a blog post on the same day, informing its users about the event and the action that its team is performing immediately. Moreover, the exchange has also sent an email about the incident to all its users. Snap of the email is shared below (Reference of image)
No Cryptocurrencies were Stolen
The blog post mentioned that the exchange is consulting with leading cybersecurity firms to protect customers. Few of such security steps mentioned on the blog is as follows;
- Notifying users that were affected by this breach with steps to safeguard their accounts and protect their data
- Requiring users who are possibly affected to reset their password upon next login and urging all other users to verify that their passwords are unique and strong
- Monitoring our systems for suspicious activity
- Adding continuous enhancements to our systems to detect and prevent unauthorized access to user information
- Monitoring for any external indication that the compromised data is being used, and keeping our customers notified
As of now, the exchange has lost user data only and no cryptocurrencies were hacked from the user’s wallet. Moreover, the platform is also reaching affected users to reset their passwords for their Coinmama account which should be strong, robust and unique. Accordingly, Coinmama has also ensured that they’re tracking any external signals that would affect the data of the exchange. Following the Cryptopia hack, Coinmama is the second profile in the crypto industry to get affected in 2019.