The most recent data breach in the cryptocurrency sector saw over three million email addresses stolen from CoinMarketCap.
CoinMarketCap the latest victim of a cyberattack
It seems that no week goes by without a fresh hacker attack in the cryptocurrency space. This time CoinmarketCap, a price-tracking site for cryptocurrencies was attacked. 3.1 million user email addresses have reportedly fallen victim to a hack, which was discovered after the addresses were found to be traded on various hacking forums. This was reported by Have I Been Pwned, a website dedicated to tracking hacks and compromised online accounts.
CoinmarketCap, a subsidiary of Binance, a cryptocurrency exchange that has had its own set of problems with regulators and bans around the world. The site is quoted to be aware that batches of data have shown up online and the surfaced email addresses correlate to those in its subscriber base. CoinmarketCap reports that no account passwords are affected, and is “actively investigating this issue and will update our subscribers as soon as we have any new information.” The exact cause of the hack is unknown and CMC suspects that passwords may have been sourced from another platform where the targeted users had used the same password.
This comes shortly after Coinbase was targeted in a similar exploit that saw over 6,000 user accounts compromised. Back then, hackers had circumvented the exchange’s multi-factor authentication through a phishing attack and exploited a flaw in Coinbase’s SMS account recovery process to gain access to user accounts. Although victims filed thousands of formal complaints, Coinbase to this day has not revealed the magnitude of funds affected.
How to protect yourself against hacks
After several high-profile hacks this year, which also included the biggest-ever DeFi hack for over $600 million, users may ask themselves how safe cryptocurrencies really are. After all, it seems that attackers have many angles ranging from phishing attacks like in the example of Coinbase to breaching databases like on CoinmarketCap and even sending fake hardware wallets to users. Notwithstanding the convenience and privacy of cryptocurrencies, is this maybe not too high a price to pay?
Not necessarily, if you know how to protect yourself. Most attack vectors can be taken away by following a few basic steps. The first would be to secure your account with a strong ten-digit or more password consisting of lowercase and uppercase letters and digits. Although not ironclad as the example of Coinbase shows, multi-factor authentication is an absolute must for all accounts that allow it. You should also use a variety of different passwords for different accounts. A new password each time may be hard to remember, but in case of an exploit, you don’t want all your accounts to be potentially exposed, so having a few is good practice. Last but not least, hardware wallets are the safest place to store your cryptocurrency and virtually untouchable for cybercrime. As long as you buy yours from a trusted source and store it in a safe place, you can rest assured that your coins are safe.