Israel-based crypto brokerage Coinmama have announced that they have suffered a major data breach affecting 450,000 of its users. The incident was disclosed in an official company announcement. They say that they were informed that a list of emails and hashed passwords were posted on a dark web registry.
“Our Security Team is investigating, and based on the information at hand, we believe the intrusion is limited to about 450,000 email addresses and hashed passwords of users who registered until August 5th, 2017”.
Coinmama are taking steps to protect customers and have established an Incident Response Team to “identify the nature and scope of the intrusion”. Along with monitoring their systems for suspicious activities, they are consulting with leading cybersecurity firms and are notifying all users affected on how to safeguard their accounts.
Data For Sale On Dream Market
This is the second recent batch of hacked data. Last week, an individual was selling 620 million user records stolen from sixteen companies. This batch totals 127 million and originates from eight companies.
The data is currently being sold on Dream Market, a dark web marketplace where criminals sell any number of illegal products, such as user data, drugs and weapons. The data is being sold by the same person, or group, who go by the name Gnosticplayers. They are asking for $14500 in Bitcoin. It is unclear whether Gnosticplayers are the original hackers or if they bought the data to sell on for higher profit.
The Coinmama team said: “There has been no evidence of this data being used by perpetrators. Given the dated nature of the published data, we have no reason to suspect that any other Coinmama systems are compromised. Coinmama does not store credit card information”. Of all the companies affected, some breaches are not publicly known and have not been confirmed by the firms involved. It is worthwhile looking through the list of breached sites and change any passwords if you use these services.