One of the world’s largest crypto exchanges, Coinmama, experienced a breach in security on Friday, February 15th. The brokerage has more than 1.3 million users worldwide and shared that information for more than 450,000 accounts was leaked. Over 24 websites and nearly 747 million records were impacted by the global hack.
Coinmama Confirms Breach
Coinmama released its official statement saying, “Today, February 15, 2019, Coinmama was informed of a list of emails and hashed passwords that were posted on the dark web registry. Our Security Team is investigating, and based on the information at hand, we believe the intrusion is limited to about 450,000 email addresses and hashed passwords of users who registered until August 5th, 2017.”
Coinmama also sent out emails to users who they believed would be impacted by the incident:
The exchange has stated that no cryptocurrencies like Ripple, Ethereum, or Bitcoin were taken from user wallets, however, the Coinmama security team continues to look into the attack.
More Than Crypto Impacted
Even though the crypto industry suffered from the hack which Coinmama was a part of, other markets were impacted as well. For example, the Coffee Meets Bagel dating app, and the fitness app MyFitnessPal was also part of the breach.
TechCrunch’s Ariel Ainhoren, the site’s research team leader, suggested areas of vulnerability that were exploited in previous hacks were used to gain access to databases of large-scale systems.
The majority of the sites that suffered the attack were using database software PostgreSQL. When the hacker discovered a method to access the system, they downloaded the entire database which was spread across several sites.
Ainhoren went on to explain:
“We’re still analyzing it, but it could have been that he used some kind of vulnerability that surfaced around that time and wasn’t patched by these companies or a totally new known vulnerability. As most of these sites were not know breaches, it seems we’re dealing here with a hacker that did the hacks by himself, and not just someone who obtained it from somewhere else and now just resold it.”
Information like usernames and passwords available have been accessed on the dark web by the attackers since Coinmama was able to get the word out to its users relatively quickly. After the released of the report, the exchange notified its clients, and most were able to get their passwords changed immediately.
If, however, the Coinmama database were acquired by someone with nefarious purposes, the result could have been disastrous. Unauthorized withdrawals throughout the platform from user wallets without two-factor authentication enabled would have led to millions of dollars lost.
For now, Coinmama says that it will find new methods to make its security stronger so as to prevent this type of access from occurring again. The site aims to eliminate unauthorized access of user funds and information.
The Coinmama team went on to say that they are, “Adding continuous enhancements to our systems to detect and prevent unauthorized access to user information. Monitoring for any external indication that the compromised data is being used, and keeping our customers notified.”
Coinmama’s database breach could not have come at a worse time, as confidence in cryptocurrency continues to dwindle due to market decline. Even though no crypto was stolen, the perception is that cryptocurrency exchanges are unsecured and ill-prepared to handle hackers.
Additionally, many view these platforms as having poor internal systems in place and lacking in security measures. This is in direct contrast to the fact that many of the bigger cryptocurrency exchanges have established themselves as being secure and safe for their users.
Even though platforms like
Image Source: “Flickr”