Leading cryptocurrency price tracking platform CoinMarketCap (CMC) recently had email addresses of over 3 million users leaked.
According to a fresh report by a website that tracks several cybersecurity threats, including hacks and compromised online accounts, about 3,117,548 email addresses of CMC users were leaked on October 12.
However, the leak remained unknown until the email addresses were discovered on several hacking forums where they were being traded.
Coinmarketcap Confirms Data Leak
The report further revealed that the passwords to these leaked email addresses were not compromised in the hack.
Speaking on the matter, a CMC representative said:
“CoinMarketCap has become aware that batches of data have shown up online purporting to be a list of user accounts. While the data lists we have seen are only email addresses (no passwords), we have found a correlation with our subscriber base.”
The knowledge that no passwords were compromised by the leak brings a measure of relief to the affected users. Additionally, the absence of passwords could indicate that the attack on CoinMarketCap would likely not have been for a major heist.
However, the data leak has compromised user privacy and could give room for several targeted attacks on customers, including phishing.
Still a Mystery
The CoinMarketCap representative further revealed that the data breach was not from any of the site’s servers, and they are yet to identify the exact cause of the hack.
“We have not found any evidence of a data leak from our own servers — we are actively investigating this issue and will update our subscribers as soon as we have any new information.”
Not the First
Meanwhile, data leaks are not a new phenomenon in the cryptocurrency industry. Over the past few years, several crypto companies, including BitMEX, Ledger, and many more, have experienced similar user data leaks, jeopardizing millions of customers.
In late 2020, hardware wallet provider Ledger discovered that the personal data of several of its users, including email addresses, phone numbers, postal addresses, and more, had been leaked on various public forums.