On Friday, February 15, popular cryptocurrency brokerage platform Coinmama suffered a massive security breach wherein email addresses and passwords of 450,000 active users were breached. Coinmama was the victim of a massive global attack comprising of 24 websites and 747 million records.
Crypto brokerage firm Coinmama has over 1.3 million active users. The official statement from the brokerage firm reads:
“Today, February 15, 2019 Coinmama was informed of a list of emails and hashed passwords that were posted on a dark web registry. Our Security Team is investigating, and based on the information at hand, we believe the intrusion is limited to about 450,000 email addresses and hashed passwords of users who registered until August 5th, 2017. This comes as part of a larger breach affecting 24 companies and a total of 747 million user records”.
The internal security team at Coinmama is currently investigating the attack. However, they said that no digital currency like Bitcoin, Ethereum, and Ripple were stolen from the users’ wallets.
Hackers Couldn’t Get Access to the Leaked Information
The good thing is that the hackers couldn’t get access to the usernames and passwords leaked on the dark web. The brokerage firm was quick enough to inform its users upon receiving the hacking report and more users were able to change their passwords.
If anyone with malicious intent would have acquired the database of Coinmama, they could have withdrawn funds user wallets that have not enabled the two-factor authentication (2FA) security feature.
However, Coinmama said that its team is working to develop enough security cover for the platform that could prevent unauthorized access of user funds and information.
“Adding continuous enhancements to our systems to detect and prevent unauthorized access to user information. Monitoring for any external indication that the compromised data is being used, and keeping our customers notified,” the Coinmama team noted.
The latest Coinmama security breach comes at such a time when the crypto market is already facing a confidence crunch due to several such incidents over the last year. Earlier this month, Canada-based crypto platform QuadrigaCX lost $190 million worth of investors’ funds after the sudden death of its owner who was supposedly having the private keys to the exchange’s wallets.
However, note that this attack on Coinmama’s database was not specific to the cryptocurrency sector. Coinmama is the victim of a larger attack including other casualties like popular dating app Coffee Meets Bagel and MyFitnessPal.