$0 USD

OCTOBER 2021

GLOBAL

COINMARKETCAP

DESCRIPTION OF EVENTS

"CoinMarketCap is a website that tracks the price movement of cryptocurrency. Binance Capital Management, which runs cryptocurrency exchanges, acquired CoinMarketCap in April 2020." "A recent report by statistics firm HypeStat claimed that every day more than 20 lakh 70 thousand people from countries like the US, India and Japan visit the platform to price-track and stay updated on cryptocurrencies."

 

"Have I Been Pwned is a website that tracks hacks and compromised accounts online."

 

"On October 12, 2021 CoinMarketCap customer database was breached resulting the leak of 3.1M user email addresses. As with previous such leak, expect to see an increase in cryptocurrency related phishing attacks." "Data from more than 3 million users of CoinMarketCap (CMC) was leaked in early October, crypto tracker confirmed."

 

"CryptoPotato reported earlier this week that the registered email IDs of 3,117,548 CMC users were illegally extracted and uploaded to hacking platforms by cybercriminals on October 12. These email ids are now being traded on the dark web."

 

"“CoinMarketCap has become aware that batches of data have shown up online purporting to be a list of user accounts. While the data lists we have seen are only email addresses (no passwords), we have found a correlation with our subscriber base.”"

 

"New breach: 3.1M email addresses from CoinMarketCap were found being traded this month. CMC have advised there is "a correlation with our subscriber base", but are yet to identify the source of the data. 99% were already in @haveibeenpwned https://haveibeenpwned.com"

 

"CoinMarketCap, however, did not say if the email list correlates 100% with accounts on its platform." “We have not found any evidence of a data leak from our own servers,” CoinMarketCap noted, adding that it will provide future updates."

 

A CryptoPotato report quoted a person associated with the CMC as saying, “The data lists we have seen are only email IDs and do not contain any passwords. We are connected with our subscriber base. We haven’t found any evidence of data leaks from our own servers. We are actively investigating this issue and will update our subscribers as soon as we have new information”. (The identity of the individual has not been disclosed.) "[T]he way in which the data was leaked is still unknown."

 

"You may have seen some information online about CoinMarketCap emails — we want to assure our users that there has been no leak from our own servers. We urge everyone adopt good cybersecurity habits, and to have unique passwords on every site they use."

 

"We believe that a bad actor (or actors) took a list of leaked emails (this list that claims to be from CoinMarketCap) and compared it with other batches of leaked data," the company says. "This is how the list of emails that claims to be from CoinMarketCap looks real -- it’s because it’s a 'cleaned' email dataset from the Dark Web that has occurred in previous leaked email sets totally unrelated to CoinMarketCap."

 

"Following the report, a lot of Coin Market Users who use the platform to monitor their investments are reporting on social media platforms about security alerts. The users claim that they have been getting security alerts for a few days, which seems to coincide with the security breach and data leak."

 

"Regardless of where the list originates, having an accurate, long list of people who are interested in cryptocurrency is very useful for attackers for phishing attempts. Given that this data appears to have been circulating for at least two months, that's likely already been occurring."

A list of 3.1M email addresses, with strong correlation to users registered on CoinMarketCap, was found online. CoinMarketCap claims that the list must have come from an alternate source, and they were unable to find a breach on their servers. However, no complete alternative hypothesis has been brought forth. No passwords or other data were included on the list.

HOW COULD THIS HAVE BEEN PREVENTED?

Using separate email addresses for each registration can limit the potential impacts of any data breach, and enable accurate knowledge of what was breached. Always pay special care to the source of email messages, and never interact directly with an email message. Instead, go to the official website of the service to confirm any actions needed.

 

Check Our Framework For Safe Secure Exchange Platforms

Sources And Further Reading

 For questions or enquiries, email info@quadrigainitiative.com.

Get Social

  • email
  • reddit
  • telegram
  • Twitter

© 2021 Quadriga Initiative. Your use of this site/service accepts the Terms of Use and Privacy Policy. This site is not associated with Ernst & Young, Miller Thompson, or the Official Committee of Affected Users. Hosted in Canada by HosterBox.