On December 30, 2019, cryptocurrency exchange Poloniex emailed its customers saying that it had reset their passwords after “someone” allegedly leaked their email addresses and passwords on Twitter.
Prevention Is Better than Cure
In a bid to safeguard its customers from an apparent security threat, U.S.-based digital currency exchange Poloniex recently reset its customers’ password. The exchange made the move after tweets began to surface on the Internet suggesting that some user had leaked a list of email addresses and passwords on Twitter, claiming the information could be used to log in to Poloniex accounts.
The exchange, however, added that not all of the leaked email addresses belong to Poloniex customers. Subsequently, as a safety measure, the exchange reset the passwords of email addresses that actually belonged to its users.
The exchange’s official Twitter handle stated:
“We promptly sent emails out to all affected users, requiring them to change their password.”
A Timely Reminder
Instances of data leaks – especially in the cryptocurrency industry – are quite commonplace. The novel nature of the industry attracts cyber-criminals from across the world who strive to use creative and robust methods to access confidential user data stored with the exchange.
Earlier in the year, BTCManagerhow the now-defunct cryptocurrency exchange DX.Exchange leaked login details of its customers and employees due to a major bug on its platform.
Similarly, in July, Swedish cryptocurrency exchange QuickBita data breach that affected close to two percent of its customers. At the time, the exchange stated that the data breach was a result of a third-party system upgrade and assured its customers that their accounts and transactions were still safe and intact with the exchange.
Exchanges Up Their Security Game
Seeing the high number of instances of data breach, several cryptocurrency exchanges have taken measures to bolster their security mechanisms.
Asby BTCManager in May, Maltese crypto trading platform Binance had announced that it would be introducing several changes to its security methods. This move by Binance came shortly after it fell victim to a group of cybercriminals who stole digital assets worth approximately $40 million at the time.