450,000 usernames and passwords stolen from Coinmama cryptocurrency broker

Graham CLULEY

February 19, 2019


Coinmama, a site that is supposed to “make it fast, safe and fun” to buy Bitcoin and Ethereum with a credit card, has suffered a data breach that has exposed the personal details of almost half a million customers.

Coinmama says it believes the breached data consists of approximately 450,000 email addresses and hashed passwords belonging to users who registered for accounts up until August 5th, 2017.

In an advisory published on its website, Coinmama linked the data leak to a wider wave of breaches that has affected at least 30 different websites (including MyFitnessPal, Houzz, and Coffee Meets Bagel) and impacted hundreds of millions of users.

The data is being sold on underground criminal websites in batches for tens of thousands of dollars.

In the latest data bundle offered by the hacker calling themselves Gnosticplayers, Coinmama’s 450,000 records are being offered alongside:

  • 57 million records stolen from interior design site Houzz
  • 40 million records stolen from video streaming site YouNow
  • 18 million records stolen from travel booking site Ixigo
  • 5 million records stolen from multiplayer online game Stronghold Kingdoms
  • 4 million records stolen from tabletop role-playing gaming site Roll20
  • 1.8 million records stolen from file sharing site Ge.tt
  • 1 million records stolen from pet care delivery service PetFlow

The Coinmama-related data is currently being offered by the hacker for 0.351 Bitcoin (US $1358), with the seller claiming that as many as 70,000 of the hashed passwords have already been cracked back to plaintext.

Clearly, Coinmama users would be wise to change their password at the earliest opportunity, particularly if they created their account before August 2017. Furthermore, as with any data breach that may expose passwords, it makes sense to ensure that the same password is not being reused anywhere else on the internet, because a password recovered from one site's hashes will be tried against accounts elsewhere.
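Why a dump of "hashed" passwords still yields tens of thousands of cracked ones, and why reuse matters, is easiest to see by running the attack. The block below is an added example written for this page; it is not code from the article, from Coinmama, or from the seller's tooling. The article does not say which hash Coinmama used, so the unsalted SHA-1 store, the three users, their passwords, the seven-word list and the second "other site" are all constructed assumptions chosen to show the worst case next to a salted slow-hash store.

```python
import hashlib
import hmac
import os

# Constructed sample wordlist: a stand-in for the gigabyte-scale lists crackers actually use.
WORDLIST = ["password", "123456", "letmein", "qwerty", "bitcoin2017", "hodl", "coinmama"]

# Constructed plaintexts for three hypothetical users (not real Coinmama data).
PLAINTEXTS = {
    "alice@example.com": "bitcoin2017",         # common word, in the list
    "bob@example.com":   "letmein",             # common word, in the list
    "carol@example.com": "Tr0ub4dor&3-unique",  # not in the list
}

# The dump as an unsalted SHA-1 store would leak it. ASSUMPTION: the article does not say
# how Coinmama hashed passwords; unsalted SHA-1 is used here only to show the worst case.
LEAKED_SHA1 = {email: hashlib.sha1(pw.encode()).hexdigest() for email, pw in PLAINTEXTS.items()}


def crack_unsalted_sha1(dump, wordlist):
    """Dictionary attack on unsalted hashes: hash each candidate once, then look every
    leaked hash up in that table. Cost is O(len(wordlist)) no matter how many users leaked."""
    table = {hashlib.sha1(w.encode()).hexdigest(): w for w in wordlist}
    return {email: table[h] for email, h in dump.items() if h in table}


def hash_password(password, salt=None, iterations=100_000):
    """Salted, slow hash: a random 16-byte salt per user plus PBKDF2-HMAC-SHA256.
    100_000 iterations keeps the demo quick; production should use more (or Argon2id/bcrypt)."""
    salt = salt if salt is not None else os.urandom(16)
    return salt, hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)


def verify_password(password, salt, digest, iterations=100_000):
    """Constant-time comparison of a candidate against a stored (salt, digest) pair."""
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return hmac.compare_digest(candidate, digest)


# The same three users stored the safe way.
SALTED_PBKDF2 = {email: hash_password(pw) for email, pw in PLAINTEXTS.items()}


def crack_salted_pbkdf2(dump, wordlist, iterations=100_000):
    """The same wordlist against salted PBKDF2. No shared lookup table is possible: every
    (user, candidate) pair costs a full PBKDF2 run. Returns (cracked, hash_evaluations)."""
    cracked = {}
    work = 0
    for email, (salt, digest) in dump.items():
        for w in wordlist:
            work += 1
            if verify_password(w, salt, digest, iterations):
                cracked[email] = w
                break
    return cracked, work


# Why reuse matters: a second, unrelated (constructed) site where alice reused her password.
OTHER_SITE = {"alice@example.com": hash_password("bitcoin2017")}


def credential_stuffing_hits(cracked, other_site):
    """Try each cracked (email, password) pair against another site's password store."""
    return [email for email, pw in cracked.items()
            if email in other_site and verify_password(pw, *other_site[email])]


if __name__ == "__main__":
    print("unsalted SHA-1 cracked:", crack_unsalted_sha1(LEAKED_SHA1, WORDLIST))
    found, work = crack_salted_pbkdf2(SALTED_PBKDF2, WORDLIST)
    print("salted PBKDF2 cracked:", found, "after", work, "PBKDF2 evaluations")
    print("reused on other site:", credential_stuffing_hits(found, OTHER_SITE))
```

Both stores give up the same two weak passwords; the difference is cost. The unsalted store falls to seven hash computations regardless of how many of the 450,000 users share a password, while the salted store forces one slow computation per user per guess, which is what makes a 70,000-password haul expensive rather than a lunchtime job. The final function shows why the article's reuse advice matters: a password recovered from one site's dump is a working credential wherever it was reused.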

Interestingly, security researchers have noticed that many of the databases breached by Gnosticplayers appear to have been running the same software: PostgreSQL.

There is considerable speculation that the hacker may have exploited a vulnerability in the open source PostgreSQL software to trick websites into spilling their precious data.

According to TechCrunch, the coders who work on PostgreSQL are not aware of any current security holes – patched or unpatched – that might have been exploited by the hacker to steal the data.

“There are many factors that need to be taken into consideration when securing a database system that go beyond the database software. We have often found that data breaches into a PostgreSQL database involve an indirect attack vector, such as a flaw in an application accessing PostgreSQL or a suboptimal policy around data management,” said Jonathan Katz. “When it comes to vulnerabilities, the PostgreSQL community has a dedicated security team that evaluates and fixes issues and, in the spirit of open source collaboration, transparently reports on and educates our users about them.”
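The "flaw in an application accessing PostgreSQL" that Katz describes is, in practice, most often a query built by string concatenation. The block below is an added illustration of that flaw beside its fix; it is not code from the article, from Coinmama or any other breached site, and it makes no claim about how Gnosticplayers actually got in. The user table, the hash values and the attacker strings are constructed, and sqlite3 is an assumption standing in for PostgreSQL so the example runs offline (the pattern is identical with psycopg2, where the placeholder is `%s` instead of `?`).

```python
import sqlite3


def make_db():
    """Constructed in-memory user table (not Coinmama's schema)."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (email TEXT PRIMARY KEY, password_hash TEXT)")
    conn.executemany(
        "INSERT INTO users VALUES (?, ?)",
        [("alice@example.com", "hash-of-alice"), ("bob@example.com", "hash-of-bob")],
    )
    conn.commit()
    return conn


def lookup_vulnerable(conn, email):
    """BUG, kept on purpose: untrusted input is spliced into the SQL text, so the input
    can change the statement's structure, not just its value."""
    sql = f"SELECT email, password_hash FROM users WHERE email = '{email}'"
    return conn.execute(sql).fetchall()


def lookup_safe(conn, email):
    """Parameterised query: the driver passes the value separately from the statement,
    so quotes, OR clauses and comment markers in the input stay inert data."""
    return conn.execute(
        "SELECT email, password_hash FROM users WHERE email = ?", (email,)
    ).fetchall()


# Constructed attacker inputs.
DUMP_ALL = "' OR '1'='1"                                   # makes WHERE always true
READ_SCHEMA = "' UNION SELECT name, sql FROM sqlite_master --"  # pulls another table's data

if __name__ == "__main__":
    conn = make_db()
    print("normal:", lookup_vulnerable(conn, "alice@example.com"))
    print("vulnerable, all rows:", lookup_vulnerable(conn, DUMP_ALL))
    print("vulnerable, schema:", lookup_vulnerable(conn, READ_SCHEMA))
    print("safe, same input:", lookup_safe(conn, DUMP_ALL))
```

The `UNION` variant is the part worth noticing for a breach like this one: once the attacker controls the statement, the fact that the login table was the intended target is irrelevant, and any table the application's database role can read (here the catalogue, in PostgreSQL `pg_tables` or `information_schema`) is on offer. That is the point of Katz's remark and of the argument for a least-privilege application role: the database software can be fully patched and the whole user table still walks out through the application.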

Regardless of how the hacker is gaining access to so much sensitive data on so many websites, it would seem sensible to me for businesses running PostgreSQL to take a close look at their infrastructure.

After all, it’s better to find the security holes in your website yourself rather than wait for a malicious hacker to break in.
