Millions of email addresses associated with the crypto market capitalization website CoinMarketCap (CMC) have been compromised.
According to the data security breach website haveibeenpwned, 3.1 million addresses are now trading on “hacking forums.” The addresses are trading via dark web marketplaces, one source told CoinDesk Sunday.
CMC said Saturday it had become aware that batches of data had shown up online “purporting to be a list of user accounts.” It is unclear how the addresses were obtained. The website also said only addresses and not passwords had been exposed though it discovered a correlation and warned users to use separate and unique passwords across multiple sites.
“At this point in our investigation, we’ve come to the conclusion that the leak did not come from CoinMarketCap servers,” CMC said on its blog. “As no passwords are included in the data we have seen, we believe that it is most likely sourced from another platform where users may have reused passwords across multiple sites.”
CMC did not immediately respond to CoinDesk’s request for comment.