Hundreds of Thousands of Passwords Are Stolen from Coinmama

When we switch from one asset to another, we expect it to work properly. For instance, if you choose to use a credit card over cash, you probably have your own reasons to prefer the former. Likewise, there are users who choose to use cryptocurrency. It seemingly provides a safe alternative way to secure financial transactions. However, cryptocurrency security has issues of its own, as can be proven by hundreds of thousands of passwords recently stolen from Coinmama.

Therefore, in this blog entry, we will focus on the latest cryptocurrency security breach, we will tell you more about the cryptocurrency itself, and then we will look at what to do if your password is leaked.

What is cryptocurrency?

You have probably heard the name many times before, but you have never had enough time to read up on that. To save you the trouble of searching on your own, we will give you a general overview of what cryptocurrency is and how cryptocurrency security is an integral part of our cyber lives these days.

As you can probably tell, cryptocurrency is a type of currency that basically exists in the cyber space. It is a medium of exchange that uses centralized control, and that makes it different from central banking systems and centralized digital currency. All types of cryptocurrency use strong cryptography thus increasing the security of financial transactions. And perhaps the most well-known type of cryptocurrency is Bitcoin. It is not uncommon to see the word “bitcoin” used as a synonym for all cryptocurrency types out there, too.

To obtain cryptocurrencies, you need to either buy them using the actual money that you have or mine them. Mining is technically a validation of transactions, and for validation, miners get their reward, which is new cryptocurrency. Miners use ASIC (application-specific integrated circuit) and FPGA (field-programmable gate array) machines to mine cryptocurrency. These days, miners have to employ high-performance mining machines, which results in really big electricity bills and high heat emission. Therefore, it is very likely that countries that provide cheap electricity and decent cooling facilities (or just cool environment) may have more legal miners. For example, due to its natural environment, Siberia has seen a steep increase in legal cryptocurrency mines over the past years.

Cryptocurrency Security Breach

Of course, not everyone can afford to mine their cryptocurrency. As mentioned, you might as well just buy it the old-fashioned way. There are multiple ways and third-party websites out there that should help users purchase all types of cryptocurrency. Coinmama is one of those websites, and it is there to provide you with “the honest way to buy cryptocurrency.” This website should assist users when they want to buy Bitcoins or Etherium with their credit cards.

However, this is where we encounter the issues with cryptocurrency security because when credit cards are involved, we automatically have to deal with vulnerable information that can be leaked. What’s more, to use Coinmama, you have to create an account, thus creating another set of potentially exploitable information. Let’s see how cryptocurrency security can be compromised with a real-life example.

As we have mentioned at the beginning of our entry, it has been reported by Coinmama that around 450,000 email addresses and hashed passwords were stolen. Here, we would like to mention that Coinmama wasn’t the only company that experienced a security breach. It was linked to an entire round of security attacks that are said to be responsible for almost 750 million records being leaked from 24 hacked websites. Hackers steal this information to sell it for those who need fake identities online for various purposes. The data stolen from Coinmama is on sale for around $1300 USD (or 0.351 Bitcoin), and the hackers promise to supply the buyer with at least 70,000 cracked passwords.

It has also been revealed that millions of records were stolen from booking site Ixigo, pet care delivery service PetFlow, multiplayer online game Stronghold Kingdoms, and many others. So we can only imagine how much the criminals can make in one attack. At the same time, this raises a lot of cryptocurrency security questions, too. And not everyone immediately knows what to do if their password is leaked, but we’re going to give you a few tips.

What to Do if My Password Is Leaked

One of the most important things about passwords is that you CANNOT reuse them. So when you receive news of a hacked password, and you need to change it, please do not enter a password you’re already using on some other website. If you cannot think of a strong password on your own, you can always make use of a password manager. In fact, using a password manager to generate unique and complex passwords would save you a lot of time.

If your account also has a security question, you might want to change it, too. Also, sometimes passwords are leaked together with email addresses, so you should warn your contacts that they might receive spam email from your address. It is also recommended to scan your computer with a licensed security tool because there are malware programs that can steal passwords from within the system as well.

Finally, it is important to understand that protecting yourself from a malicious hack might bring better results than scrambling to mitigate the damage. After all, when your passwords are leaked, you can just change them and hope for the best. However, if you do all you can to avoid potential identity theft; you may not have to deal with the worst-case scenario at all.

At the end of the day, some users might say that there is no use to pay any attention to cyber or cryptocurrency security because hackers can perform their attacks on companies and not individuals. And that is true. But the battle against identity thieves requires two fronts. Both companies and users have to employ all the necessary security measures to ensure that they manage to withstand such attacks.

March 1, 2019

Leave a Reply