Approximately 450,000 e-mail addresses and passwords from users of Coinmama, an Israeli crypto-fiat exchange, have been stolen as a result of a data breach. The hack took place on February 15 and is part of a larger hack where a total of 24 companies are affected.
The exchange acted immediately after the news became known by sending an e-mail to all its customers containing a number of instructions. This way, customers must immediately create a new strong password. In addition, the exchange placed a message on the official website in which it says, among other things:
Today, 15 February 2019, Coinmama was informed about a list of e-mails and hashed passwords that would appear on the dark web. Our security team is investigating this now, and based on the information we know, we believe the leak is limited to about 450,000 email addresses and hashed passwords from users who registered until August 5, 2017. This leak is part of a larger hack involving 24 companies.
— Jacob Canfield🔰(Official Account) (@JacobCanfield) 16 februari 2019
In addition to Coinmama, another 23 companies would have been affected by the hack. A total of some 747 million data would have been stolen. All these data until recently were on sale for $ 15,000 on “Dream Market”, a marketplace on the dark web. However, the sale of the data is no longer to be found and is probably only available to certain Dream Market users.
This hack only concerns e-mail addresses and hashed passwords. It has not yet been reported that cryptocurrencies have been stolen. In previous hacks of other exchanges sometimes hundreds of millions were captured, but fortunately this does not seem to be the case in this case.