We urge everyone adopt good cybersecurity habits, and to have unique passwords on every site they use.
Saturday, Oct. 23, 3:15AM EST
In the spirit of transparency, we have a message for our users.
At this point in our investigation, we’ve come to the conclusion that the leak did not come from CoinMarketCap servers.
As no passwords are included in the data we have seen, we believe that it is most likely sourced from another platform where users may have reused passwords across multiple sites.
We believe that a bad actor (or actors) took a list of leaked emails (this list that claims to be from CoinMarketCap) and compared it with other batches of leaked data.
This is how the list of emails that claims to be from CoinMarketCap looks real — it’s because it’s a “cleaned” email dataset from the Dark Web that has occurred in previous leaked email sets totally unrelated to CoinMarketCap.
We can state with confidence that the leaks did not come from CoinMarketCap servers. We ran a comprehensive security check and there is no trace of any security breach of our servers.
We urge everyone to adopt good cybersecurity habits, and to have unique passwords on every site they use.