Coinmama, the Israeli-based Bitcoin purchases service provider which enables its users to acquire Bitcoin through credit and debit cards has reported being a victim of system intrusion.
According to the announcement, posted on February 15th, the hacker gained access to the system and stole over 450,000 email addresses and hashed passwords of users who registered on or before August 5th, 2017.
The company made note of the system intrusion when a dark-net user with the pseudonym ‘Gnosticplayers’ posted the sale of stolen records from as many as 8 different companies including those for Coinmama users. The hacker offered 127 million records for sale in total.
The notice said that only email account records and passwords were accessed as the company does not store credit card information for its users. Being a purchases service provider, it does not hold cryptocurrency for its customers. The notice read in part that as of yesterday February 15th, 2019, “there has been no evidence of this data being used by perpetrators. Given the dated nature of the published data, we have no reason to suspect that any other Coinmama systems are compromised. Coinmama does not store credit card information.”
Affected users are advised to change their passwords immediately while the rest of the users (those who signed up to the service after August 5th, 2017) are advised to update their security information as soon as possible. Affected users are also advised to update their security information if they used similar login credentials at several other service providers.
“If you registered prior to August 5th, 2017, immediately change your password and change it on any other service using the same login details (email and password). We’ve sent you an email with further instructions on how to protect your account and data.”
Coinmama is a leading Bitcoin brokerage company with more than 1.3 million active users from across the globe. This hack, however not specifically related to cryptocurrency, is the second incidence reported of a major company dealing in the trade and purchase of cryptocurrency after the January saga of New Zealand-based cryptocurrency exchange Cryptopia went offline following the security breach and theft of several digital assets from its customers’ wallets. Latest reports show that the exchange has been cleared to reopen trading but so far the company is yet to declare official lose figures, although reports have been published with approximate losses.