3 Million CoinMarketCap Email Addresses Have Leaked
The leak occurred last Tuesday, affecting email addresses but not passwords.
Share this article
Email addresses belonging to 3.1 million CoinMarketCap users were leaked last week, according to Have I Been Pwned.
Leak Took Place Last Week
Have I Been Pwned says that the website’s database was breached on Oct. 12, 2021. Exactly 3,117,548 email addresses, not including passwords, were stolen in the security breach.
CoinMarketCap reportedly admitted that “batches of data have shown up online purporting to be a list of user accounts” and that it has “found a correlation with [its] subscriber base.”
However, the way in which the data was leaked is still unknown. “We have not found any evidence of a data leak from our own servers,” CoinMarketCap noted, adding that it will provide future updates.
The fact that the leaked data does not include passwords, combined with the fact that CoinMarketCap does not act as an exchange, means the attack is unlikely to cause a large-scale theft.
Data Leaks Are Common
Despite the lack of immediate risks, this leak nevertheless damages user privacy. It could also give attackers the resources to carry out further attacks, especially given that CoinMarketCap has acknowledged phishing campaigns in the past.
Several other crypto companies including Celsius, Ledger, and BitMEX have experienced similar leaks concerning email addresses and user information. Each of those leaks took place over the last two years.
Crypto exchange Binance, which owns CoinMarketCap, was targeted by an unrelated attack in 2019. That attack succeeded in stealing 2% of the company’s Bitcoin holdings.
Disclaimer: At the time of writing this author held less than $75 of Bitcoin, Ethereum, and altcoins.