The leading cryptocurrency price tracking platform CoinMarketCap (CMC) recently leaked the email addresses of more than 3 million users.
According to a fresh report by a website that tracks several cybersecurity threats, including hacks and compromised online accounts, about 3,117,548 email addresses of CMC users were leaked on October 12.
However, the leak remained unknown until the email addresses were discovered on several hacking forums where they were exchanged.
Coinmarketcap Confirms Data Leak
The report further revealed that the passwords to these leaked email addresses were not compromised in the hack.
Speaking on this, a representative from CMC said:
“CoinMarketCap has become aware that batches of data have shown up online purporting to be a list of user accounts. While the lists of data we have seen are just email addresses (not passwords) , we found a correlation with our subscriber base.
The knowledge that no passwords were compromised by the leak brings a measure of relief to the affected users. Additionally, the lack of passwords could indicate that the attack on CoinMarketCap probably would not have been for a major theft.
However, the data leak has compromised user privacy and could give room for several targeted attacks on customers, including phishing.
Still a mystery
The CoinMarketCap representative further revealed that the data breach was not from any of the site’s servers, and they are yet to identify the exact cause of the hack.
“We have not found any evidence of a data leak from our own servers – we are actively investigating this issue and will update our subscribers as soon as we have new information.”
Not the First
Meanwhile, data leaks are not a new phenomenon in the cryptocurrency industry. Over the past few years, several crypto companies including BitMEX, Ledger and many others have experienced similar user data leaks, putting millions of customers at risk.
In late 2020, hardware wallet provider Ledger discovered that the personal data of several of its users, including email addresses, phone numbers, postal addresses, and more, had been leaked on various public forums.
