Security Breach at Coinmama: What can we Learn

A security breach is always a gateway to disaster. Unfortunately, Coinmama suffered such a breach on February 15th.

The crypto brokerage is one of the largest in the world and has over 1.3 million active users. According to the official statement, 450 000 email addresses and passwords were exposed in the attack. The attack also involved more than 24 websites and 474 million records.

Breaking: #Coinmama hacked and 450,000 users were effected. Make sure you change your passwords if you used the site to buy Bitcoin. pic.twitter.com/2w1OyXmpoe

— Jacob Canfield(Official Account) (@JacobCanfield) February 16, 2019

On a more positive side, no cryptocurrencies were stolen from user wallets. Coinmama’s security team is heavily investigating the security breach. Unfortunately, this is not the only security breach which occurred recently.

The security breach is most likely just a stepping stone

A lot of apps, which are not even tied to financial assets have suffered similar attacks. Cofee Meets Bagel and MyFitnessPal recently suffered almost identical attacks. The leader of the Insights research team Ariel Ainhoren, stated that these attacks are used as stepping stones for attacking larger databases with more valuable information.

Most of the affected websites in the security breach were running Postgre SQL database software. When the system was infiltrated, the database was easily downloaded across a large range of sites.

Ainhored said:

“We’re still in the process of analysis. However, it’s our belief that the attackers used a vulnerability which surfaced relatively recently. At the time, it wasn’t noticed and patched by the companies. Of course there is the possibility we’re dealing with an entirely new vulnerability exploit.

None of the websites had known breaches and it seems the attackers were solely responsible for infiltrating the system. We are almost positive that the attackers did not obtain inside information and used it for the security breach.”

What’s interesting is that no personal information on the dark web has been accessed by the attackers. Coinmama instantly urged its users to change their passwords. If Coinmama’s database was acquired by an ill-intentioned buyer, there could have been disastrous consequences. There could have been many unauthorized withdrawals on the wallets which had not enabled the two-factor authorization.

Coinmama quickly stated that it will work hard on the platform’s security measures to prevent such events from repeating. With the passing of QuadrigaCX’s CEO, the Coinmama security breach is another hit to the reputation of the crypto market.

Recent months have shown that more and more people tend to belive that crypto exchanges have very poor internal management systems and security measures. Of course most people tend to overlook the very strong track record of major crypto exchanges.

Despite Binance, Gemini and Coinbase not suffering breaches, the overall level of trust in crypto exchanges is continuing to decline. The growing number of security issues and the market’s current condition have only fueled investors’ doubts.

You can also check out:

• Crypto Bull Run: The Next One Will Be Remembered
• Ripple Offered Millions of Dollars in XRP to Attract the Best Tech Talent
• Global Recession: Experts Say Odds are Going Increasingly Up
• FIO and the Quest to Improve Blockchain User Experience