One of the largest crypto brokerage platforms in the world has suffered a severe security breach. Coinmama, which is the platform’s name, experienced the breach on February 15. As a result, email addresses and passwords of over 450,000 users have been compromised. The attack involved about 24 websites associated with Coinmama and about 747 million data records. Coinmama boasts a user base of over 1.3 million users.
Moments after the hack, the platform’s management took swift measures to stem the hack after a list of the compromised email addresses and passwords was leaked somewhere in the dark web. According to the investigating team at Coinmama, only about 450,000 users were affected. Those affected are mainly users who joined the platform before 5th August, 2017.
However, no cryptos were stolen during the hack and none of the leaked login information has been used to access the users’ accounts. The platform has since moved to notify its users to change their login details to avoid the leaked information being used to steal from their accounts. The company has also pledged to strengthen the security system on the platform to prevent unauthorized access in the future.
Not The First
Coinmama isn’t the first online platform to experience such intrusion. Others like MyFitnessPal and Coffee Meets Bagel have had the same experience. According to Ariel Ainhoren from IntSights, the same vulnerability has been used to hack into other large databases and most of these platforms were running a particular database software, PostgreSQL. The vulnerability allowed the hacker to download the databases across multiple websites once they penetrated the main system. Ariel was speaking to TechCrunch.
The hack occurs just as reports are spreading of another crypto exchange known as QuadrigaCX that has lost its customers’ money stored in inaccessible cold wallets. These types of incidents have made the people’s confidence in crypto markets and exchanges in particular to wane, and that’s not something that exchanges would welcome.
That adds to the growing sentiment that crypto exchanges have poor security and management systems that don’t quite protect the users’ digital assets adequately. However, most of these cases are isolated, especially considering that there are large crypto exchanges like Binance, Coinbase, and Gemini that have set high-security standards and have never been hacked since they entered the industry.