Coinmama, one of the largest crypto brokerages in the global market with 1.3 million active users, suffered a security breach on February 15.
The official statement of the exchange disclosed that 450,000 email addresses and passwords were leaked in a massive global hacking attack involving 24 websites and some 747 million records.
The Coinmama team said:
Today, February 15, 2019, Coinmama was informed of a list of emails and hashed passwords that were posted on a dark web registry. Our Security Team is investigating, and based on the information at hand, we believe the intrusion is limited to about 450,000 email addresses and hashed passwords of users who registered until August 5th, 2017.
This comes as part of a larger breach affecting 24 companies and a total of 747 million user records.
— Jacob Canfield (@JacobCanfield) February 16, 2019
No cryptocurrencies such as Bitcoin, Ethereum and Ripple were stolen from user wallets, and the security team at Coinmama is currently investigating the alleged attack.
Not Exclusive to Crypto But Could be a Bad Look
The security breach which Coinmama fell victim to is not exclusive to the platform or the cryptocurrency sector.
Some of the most widely utilized platforms such as the popular dating app Coffee Meets Bagel and MyFitnessPal reportedly suffered identical attacks.
Speaking to TechCrunch, IntSights research team leader Ariel Ainhoren stated that the same vulnerability from previous attacks was used to break into the databases of large-scale platforms.
Most sites affected in the breach were running PostgreSQL database software, and once the hacker found a way to infiltrate the system, the hacker downloaded the database across a wide range of sites.
We’re still analyzing it, but it could have been that he used some kind of vulnerability that surfaced around that time and wasn’t patched by these companies or a totally new unknown vulnerability.
As most of these sites were not known breaches, it seems we’re dealing here with a hacker that did the hacks by himself, and not just someone who obtained it from somewhere else and now just resold it.
No usernames and passwords leaked on the dark web have been accessed by the hackers, and since the brokerage issued a statement to its users immediately after the release of the report, most users were able to change their passwords.
However, if the Coinmama database dumped on the dark web had been acquired by a buyer with malicious intent, it could have led to unauthorized withdrawals from wallets on the platform that had not enabled two-factor authentication (2FA).
In the short term, the company said that it will strengthen the security measures of the platform to prevent unauthorized access to user information and funds.
“Adding continuous enhancements to our systems to detect and prevent unauthorized access to user information. Monitoring for any external indication that the compromised data is being used, and keeping our customers notified,” the Coinmama team noted.
The alleged security breach of Coinmama’s database comes at a time when confidence in the cryptocurrency market is on the decline due to cases such as QuadrigaCX.
Although no funds were stolen as a result of the breach, the incident could further deteriorate the image of cryptocurrency exchanges.
In recent months, digital asset exchanges have started to be perceived as platforms with poor internal management systems and security measures, despite the strong track record of major cryptocurrency exchanges that are establishing industry standards.
While many exchanges such as Coinbase, Binance, and Gemini have not suffered a security breach or a hacking attack in the entirety of their existence, the growing number of security-related issues in the cryptocurrency exchange market has intensified the concerns of investors in the market.