I received some random main on my email address that I used on coinmarketcap, The email used is a fresh email that I dedicate when I create account there. I'm receiving email with Russian text that has an attached file and there's a word of Bitcoin on text. I think this is the issue on that spam mail, Glad I didn't open any of it and until now, I'm still receiving email from different mail with same content daily.
I will try to post screenshot here later today once I get to my pc.
Topic: Coinmarketcap hack leaked 3.1 million emails! - page 3. (Read 617 times)
Weird they don't know how the hack occurred (or don't want to say).
Maybe they sold their database to the highest bidders. It certainly wouldn't be the first time someone does this 
Either way I'm not sure whether to laugh or cry that there are still people who give their main email address to a website that doesn't need it since its whole purpose is to provide "data" which they don't even do that properly either.
Just a crazy thought upon reading this thread. What if the haveibeenpwned database has been pwned as well? Subscriber-based type sites are always prone to hacking.
Anyway, it's crazy that a lot of hackers are finding ways to get information from certain websites. Imagine how much more could they do if they can get it from CMC. What else right? It's just a matter of time that there are more breaches to even more famous sites.
I have a question about what you should do on an important email. Like it's not replaceable. If this is the route you are going to take, I think you should just be careful on emails, right?
Anyway, it's crazy that a lot of hackers are finding ways to get information from certain websites. Imagine how much more could they do if they can get it from CMC. What else right? It's just a matter of time that there are more breaches to even more famous sites.
I have a question about what you should do on an important email. Like it's not replaceable. If this is the route you are going to take, I think you should just be careful on emails, right?
A little bit worried because I used my email here in Bitcointalk that linked to Coinmarketcap and I think it needs to change.
Please make sure you stake your message for your account in Stake your Bitcoin address here. It is as same as with email, to be safe, just in case, you should use an empty wallet with a single address that is used for staking.About email, I agreed with @Lucius and I recommended too, use different emails for different use cases. If you one email for all purposes, it is too risky.
I'm not using Coinmarketcap and I don't have an account here but I do have an account on Coingecko, but this is a warning for me to change my
email on Coingecko if they can do it on Coinmarketcap they can do it to other market aggregators, this is a big blow for Binance they are running the Coinmarketcap site and people trust them for their security set up, let's see now if they can catch these hackers.
As said, use an important email for registration on any website you want AND make sure you use a different password for different email too.email on Coingecko if they can do it on Coinmarketcap they can do it to other market aggregators, this is a big blow for Binance they are running the Coinmarketcap site and people trust them for their security set up, let's see now if they can catch these hackers.
Don't send back and forth emails between yours because it will create connections between your emails.
I'm not using Coinmarketcap and I don't have an account here but I do have an account on Coingecko, but this is a warning for me to change my
email on Coingecko if they can do it on Coinmarketcap they can do it to other market aggregators, this is a big blow for Binance they are running the Coinmarketcap site and people trust them for their security set up, let's see now if they can catch these hackers.
email on Coingecko if they can do it on Coinmarketcap they can do it to other market aggregators, this is a big blow for Binance they are running the Coinmarketcap site and people trust them for their security set up, let's see now if they can catch these hackers.
legendary
Activity: 2240
Merit: 4133
eXch.cx - Automatic crypto Swap Exchange.
Well, Binance seems to occupy the number one spot on ranking of exchanges and these comes with some sentiments of being best and most secured even
Yes right after buying the ranking sites and who knows what others projects they have taken ownership of. If I'm not mistaking Binance wasn't on the top of the list when it comes to exchanges before they acquired Coinmarketcap. I'm not trying to take anything away from the progress of the exchange but just know when you control the system, you can't be 100% trusted. They'll do anything to keep the trust of the community including lieing to their customers.
Binance owns Coinmarketcap and due to the airdrops and other promotions ongoing, individual probably have email linked between both platform. I remember seeing an airdrop ones on the site (coinmarketcap) that caught my interest and when I tried registering I was asked for my Binance ID which also means this information could also be compromised but they won't disclosed that. They'll always want you to believe your information and funds are safe with them but they aren't.
You answered your own question. Most people either won't even know their details have been hacked, or are too clueless to care. Binance have been hacked multiple times in the past as you point out, and yet people continue to flock to them.
Maybe they believe that Binance will compensate for users if their exchange is hacked. They did it in the past but it is not guarantee that they will do it in the future.People flock to Binance because the exchange has big trading volume and people can easily to finish their trade. Many coins get good rises after listing on Binance and it can be one of other reasons people flock to Binance.
Though, this doesn't apply to stolen information or privacy details and like o_e_l_e_o stated, a lot could be donne with your stolen information not excluding taking of loans and defrauding people. Even if the leak has it's origin from Binance or coinmarketcap leak, it cannot be proved conclusively and as such, the company won't take responsibility for damages cost.
they said only emails without password im sub to haveibeenpwned and i received the mail today
Upon reading this thread I quickly checked my email account and it seems I didn't receive any, can you quote it here what you've received or how to determine that your email account associated with Coinmarketcap has been leaked or compromised?In their Twitter account, there's no leak to their server as they said.
Quote
"You may have seen some information online about CoinMarketCap emails — we want to assure our users that there has been no leak from our own servers."
There's no really safe on the internet and everything is vulnerable to hacking, it's a good thing they announced that they didn't have been hacked.
A little bit worried because I used my email here in Bitcointalk that linked to Coinmarketcap and I think it needs to change.
Maybe they believe that Binance will compensate for users if their exchange is hacked. They did it in the past but it is not guarantee that they will do it in the future.
Compensating people for coins which are lost is one thing. Compensating people for information which is stolen is impossible. Are Binance going to pay your legal fees when you have to defend yourself in court for insurance fraud you didn't commit because someone stole your identity? Are Binance going to pay your bank for the $50,000 in loans someone else took out against your name? Are Binance going make things right when you are turned down for a mortgage or a car because your credit score is shot because of a bunch of credit cards you never opened? I don't think so.We have seen time and again that being large, reputable, well known, having large numbers of customers, having large trading volumes, having a wide selection of coins, etc., all means next to nothing when it comes to security. Pretty much every large exchange has leaked or sold customer data on more than one occasion. The only safe KYC is no KYC at all, and yet most people are more than happy to send all the information needed to steal their identity to a variety of complete strangers.
You answered your own question. Most people either won't even know their details have been hacked, or are too clueless to care. Binance have been hacked multiple times in the past as you point out, and yet people continue to flock to them.
Maybe they believe that Binance will compensate for users if their exchange is hacked. They did it in the past but it is not guarantee that they will do it in the future.People flock to Binance because the exchange has big trading volume and people can easily to finish their trade. Many coins get good rises after listing on Binance and it can be one of other reasons people flock to Binance.
This database is actually a goldmine for people who know how to exploit it correctly. Imagine having access to 3.1 million email addresses from people who will sign up for any and every dollar they can get. I reckon a good portion of them will click on whatever you feed them.
They also have 3.1 million email addresses of people who are definitely involved in crypto, and almost all of which will have a couple of exchange accounts using the same email address. Now they cross reference those email addresses against database leaks from other services in which passwords were also leaked, and start trying to break in to these emails since far too many people reuse passwords across several (or even all) of their accounts.How do Binance let a website that is owned and operated by them was hacked like this. It destroys their reputation in this industry.
Binance has hack in the past.
You answered your own question. Most people either won't even know their details have been hacked, or are too clueless to care. Binance have been hacked multiple times in the past as you point out, and yet people continue to flock to them.Binance has hack in the past.
Thats exactly it and something people dont realise, it might just be a email address but its
another piece of the jigsaw to enable hackers to access more and more of our personal
information and/or online accounts.
Thankfully I dont have a CMC account but I have all my other online crypto accounts changed
to a useless gmail account which I can delete/ignore in future.
This database is actually a goldmine for people who know how to exploit it correctly. Imagine having access to 3.1 million email addresses from people who will sign up for any and every dollar they can get. I reckon a good portion of them will click on whatever you feed them.
They also have 3.1 million email addresses of people who are definitely involved in crypto, and almost all of which will have a couple of exchange accounts using the same email address. Now they cross reference those email addresses against database leaks from other services in which passwords were also leaked, and start trying to break in to these emails since far too many people reuse passwords across several (or even all) of their accounts.How do Binance let a website that is owned and operated by them was hacked like this. It destroys their reputation in this industry.
Binance has hack in the past.
You answered your own question. Most people either won't even know their details have been hacked, or are too clueless to care. Binance have been hacked multiple times in the past as you point out, and yet people continue to flock to them. Binance has hack in the past.
If you have account at Coinmarketcap (that is owned by Binance exchange btw) you should think about changing email address and use new unique password, because of the hack that happened on October 12 that leaked 3,117,548 email addresses!
How do Binance let a website that is owned and operated by them was hacked like this. It destroys their reputation in this industry.Binance has hack in the past. Hackers steal over $40 million worth of bitcoin from one of the world’s largest cryptocurrency exchanges and they had KYC leak too
Quote
Consider that email address you used for CMC account is now compromised, don't be surprised if you start to receive some spam and scam emails, so you should not use it anymore.
I use one email to register for newsletter and things are not related to my accounts on crypto exchanges.[Guide] How to know if your email address was part of any data breach. If you ar curious and want to check your email with Haveibeenpwned.com
This database is actually a goldmine for people who know how to exploit it correctly. Imagine having access to 3.1 million email addresses from people who will sign up for any and every dollar they can get. I reckon a good portion of them will click on whatever you feed them.
God, the world (either the real world or the digital world) is not a safe place to live in as long as evil and greedy people still exist. I can confirm that my email was compromised with the CMC leaked. I've already changed the password and all but I can't throw it cause I still need to use it. However, I will be super extra cautious about emails coming and should warn myself not to open them recklessly. It's really frustrating but it's the fact that we should face in our daily life now.
Should've either used a throw-away when signing up for garbage or used an alias for your main email. Also how exactly is your email compromised? As long as you didn't reuse passwords and your password wasn't super-specific I doubt this will lead to anything. Also that first sentence, ironic?Nevertheless, email addresses are already being actively sold on hacker forums. And the most "bored" hackers may be interested in turning on their brute force for password collection. And as a result, the further fate of the hacked mail can be completely unhappy.
If you used the same password for your email and CMC account and the password is in a common wordlist to compare the hashes to, else i wouldn't worry too much about that particular issue. Spam is probably going to be your main groove.
God, the world (either the real world or the digital world) is not a safe place to live in as long as evil and greedy people still exist. I can confirm that my email was compromised with the CMC leaked. I've already changed the password and all but I can't throw it cause I still need to use it. However, I will be super extra cautious about emails coming and should warn myself not to open them recklessly. It's really frustrating but it's the fact that we should face in our daily life now.
they said only emails without password im sub to haveibeenpwned and i received the mail today
Nevertheless, email addresses are already being actively sold on hacker forums. And the most "bored" hackers may be interested in turning on their brute force for password collection. And as a result, the further fate of the hacked mail can be completely unhappy.
You don't need to be a boring teacher who constantly insists that for your own safety, it is better to always create a separate mail for different needs, And this rule is confirmed for the hundredth time.
Another day, another centralized service leaking user information across the internet. Owned by Binance, have no idea how their database was accessed, and unable to confirm or deny if other information was also accessed. Really fills you with confidence! 
I suspect we will see scam emails along the lines of "Free airdrops", "Early access NFTs", or other fake promotions from CMC, redirecting users to a site where they need to enter their seed phrase to receive the giveaway. That's the usual process.
I suspect we will see scam emails along the lines of "Free airdrops", "Early access NFTs", or other fake promotions from CMC, redirecting users to a site where they need to enter their seed phrase to receive the giveaway. That's the usual process.
they said only emails without password im sub to haveibeenpwned and i received the mail today
If you have account at Coinmarketcap (that is owned by Binance exchange btw) you should think about changing email address and use new unique password, because of the hack that happened on October 12 that leaked 3,117,548 email addresses!
Consider that email address you used for CMC account is now compromised, don't be surprised if you start to receive some spam and scam emails, so you should not use it anymore.
Consider that email address you used for CMC account is now compromised, don't be surprised if you start to receive some spam and scam emails, so you should not use it anymore.
I can confirm this. My email address was also compromised in the CMC leak. Luckily, I used an email address that has already been pwned in 22 other data breaches so I have no reason to worry. Spam is part of our daily lives.
Weird they don't know how the hack occurred (or don't want to say).
I've seen this announcement and luckily I don't use any email for using coinmarketcap instead only using their portfolio version for free without any need of logging in.
I think users must rush changing their details as this could lead to many spams that users might clicked on and become victim of scams links. Thanks for sharing this here OP.
I think users must rush changing their details as this could lead to many spams that users might clicked on and become victim of scams links. Thanks for sharing this here OP.
Jump to: