Israel-based crypto brokerage Coinmama — which allows users to purchase Bitcoin (BTC) and Ethereum (ETH) using a credit card — has suffered a major data breach affecting 450,000 of its users. The incident was disclosed in an official company announcement on Feb. 15.
The breach is reportedly part of a mammoth, multi-platform hack that affected 24 companies and a total of 747 million records — among them gaming, travel booking and streaming sites.
Coinmama says a list of around “450,000 email addresses and hashed passwords” of users who registered on its platform before Aug. 5, 2017 has been posted on a dark web registry.
Read more on CoinTelegraph.
The following statement was posted on Coinmama yesterday:
Today, February 15, 2019, Coinmama was informed of a list of emails and hashed passwords that were posted on a dark web registry. Our Security Team is investigating, and based on the information at hand, we believe the intrusion is limited to about 450,000 email addresses and hashed passwords of users who registered until August 5th, 2017. This comes as part of a larger breach affecting 24 companies and a total of 747 million user records.
As of February 15, 2019, there has been no evidence of this data being used by perpetrators. Given the dated nature of the published data, we have no reason to suspect that any other Coinmama systems are compromised. Coinmama does not store credit card information.
What we are doing
As soon as we became aware of the incident, we immediately established an Incident Response Team to identify the nature and scope of the intrusion. We also took immediate action consulting with leading cybersecurity firms, and are taking steps to protect our customers, including:
- Notifying users that were affected by this breach with steps to safeguard their accounts and protect their data
- Requiring users who are possibly affected to reset their password upon next login and urging all other users to verify that their passwords are unique and strong
- Monitoring our systems for suspicious activity
- Adding continuous enhancements to our systems to detect and prevent unauthorized access to user information
- Monitoring for any external indication that the compromised data is being used, and keeping our customers notified
What this means for you
We take your privacy very seriously and are alerting you about this incident so you can take steps to help protect your information:
- If you registered prior to August 5th, 2017, immediately change your password and change it on any other service using the same login details (email and password). We’ve sent you an email with further instructions on how to protect your account and data.
- We’re taking this opportunity to remind all users to use a unique password with at least 8 characters, using both upper-case and lower-case letters and a mixture of numbers and symbols.
- Be careful of any unexpected communication that asks for your personal data or directs you to a website asking for your personal data.
- Avoid clicking links or downloading attachments from suspicious emails.
For questions, comments or any information you might have that could help us mitigate and communicate this incident, send an email to [email protected]
We will keep this post updated with any new information that our investigation might uncover.