DESCRIPTION OF EVENTS
"Coinmama provides a cryptocurrency exchange platform for trading digital currency globally." "We’re Coinmama, a financial service that makes it fast, safe and fun to buy digital currency, anywhere in the world. We believe that the future of money is one where we, the people, are in control of our own economy. A future where there’s no place for middle-men, hidden fees and fine print."
"To deliver on that promise, we have come to work every day since 2013 to create the simplest financial service out there - spoken in a language you can understand, and backed by customer service you can count on."
"As a financial service, Coinmama is committed to the highest security and privacy standards. This also helps us keep your account safe, fight fraud, and more."
"Coinmama platform is operated by Cmama Ltd., 3 Ballsbridge Park, Ballsbridge, Dublin, Ireland, D04 C7H2, a daughter company of New Bit Ventures Ltd company #514907880 (which owns the Coinmama brand and platform). Cmama Ltd. is a regulated entity registered as Money Service Businesses with FinCEN (#31000172638926). Transactions are carried out with Cmama Ltd. and processed by New Bit Ventures Ltd."
"Israeli crypto brokerage Coinmama announced on Feb. 15 that 450,000 users’ data was breached, as part of a massive cyberattack that targeted 24 companies." "The Slovakia-registered exchange announced that a list of emails and hashed passwords belonging to Coinmama users were discovered on a dark web marketplace."
“Today, February 15, 2019 Coinmama was informed of a list of emails and hashed passwords that were posted on a dark web registry. Our Security Team is investigating, and based on the information at hand, we believe the intrusion is limited to about 450,000 email addresses and hashed passwords of users who registered until August 5th, 2017. This comes as part of a larger breach affecting 30 companies and a total of 841 million user records,” Coinmama said in an official post.
"This list included details related to 450,000 users who had registered their accounts before August 5, 2017, Coinmama confirmed." "Coinmama says a list of around “450,000 email addresses and hashed passwords” of users who registered on its platform before Aug. 5, 2017 have been posted on a dark web registry."
“As of February 15, 2019, there has been no evidence of this data being used by perpetrators. Given the dated nature of the published data, we have no reason to suspect that any other Coinmama systems are compromised. Coinmama does not store credit card information.” "The Coinmama-related data is currently being offered by the hacker for 0.351 Bitcoin (US $1358), with the promise of as many as 70,000 cracked passwords."
"Coinmama claims the breach was part of a wider hack affecting companies such as MyFitnessPal, Houzz, and dating app Coffee Meets Bagel." "The breach is reportedly part of a mammoth, multi-platform hack that affected 24 companies and a total of 747 million records — among them gaming, travel booking and streaming sites." "According to TechCrunch, most sites affected used the open source PostgreSQL database software. It’s thought that an attacker might be using the same exploit in order to gain access to backend databases."
“There are many factors that need to be taken into consideration when securing a database system that go beyond the database software. We have often found that data breaches into a PostgreSQL database involve an indirect attack vector, such as a flaw in an application accessing PostgreSQL or a suboptimal policy around data management,” said Jonathan Katz. “When it comes to vulnerabilities, the PostgreSQL community has a dedicated security team that evaluates and fixes issues and, in the spirit of open source collaboration, transparently reports on and educates our users about them.”
"The hacker, whose identity isn’t known, began listing user data from several major websites — including MyFitnessPal, 500px and Coffee Meets Bagel, and more recently Houzz and Roll20 — earlier this week. This weekend, the hacker added a third round of data breaches — another eight sites, amounting to another 91 million user records — to their dark web marketplace."
"Coinmama established an Incident Response Team to identify the nature of the intrusion. The company also took additional security measures to thwart further loss and notified the affected users to reset their passwords upon next login and urged all other users to verify that their passwords are unique and strong."
"Aside from immediately notifying users, Coinmama says its response team is requiring all potentially affected users to reset their passwords upon login, as well as monitoring its array of systems for suspicious activity or unauthorized access. The platform says it is working to enhance its safeguards and track any external signals that the compromised data is being used."
Stored information on 450,000 customers of the Coinmama cryptocurrency-trading platform was breached, including login and hashed password data for any users registered prior to August 2017. The hackers apparently were selling the information, including 70,000 cracked passwords, online for bitcoin. Coinmama issued a notice to all affected users and prompted them to change their passwords.
https://www.pymnts.com/cryptocurrency/2019/major-crypto-hacks/ (Dec 12)
https://www.coinmama.com/ (Dec 25)
https://fr-fr.facebook.com/Coinmama/ (Dec 25)
https://www.coinmama.com/faq (Dec 26)
https://www.coinmama.com/about-us (Dec 26)
ClassPass, Gfycat, StreetEasy hit in latest round of mass site hacks – TechCrunch (Dec 26)
Major Crypto Brokerage Coinmama Reports 450,000 Users Affected by Data Breach (Dec 26)
Cryptocurrency exchange Coinmama reports data breach (Dec 26)
450,000 usernames and passwords stolen from Coinmama cryptocurrency broker - Security Boulevard (Dec 26)
https://www.databreaches.net/major-crypto-brokerage-coinmama-reports-450000-users-affected-by-data-breach/ (Dec 26)