Sunday , September 20 2020
Home / AI / Robots / Crypto exchange Poloniex forces users to change passwords after data leak

Crypto exchange Poloniex forces users to change passwords after data leak

TNW uses cookies to personalize content and ads to
make our site easier for you to use.
We do also share that information with third parties for
advertising & analytics.

Powered by

Blockchain, cryptocurrencies, and insider stories by TNW.

Data shared on Twitter prompted the action

Cryptocurrency exchange Poloniex is forcing its users to reset their passwords after a list of email addresses and passwords was allegedly leaked on social media.

Last week, the exchange notified customers of the breach, adding the leaked information could be used to access Poloniex accounts, ZDNet reports.

The email was shared on Twitter by user charlysatoshi, who initially thought it was a phishing attempt. However, Poloniex support confirmed on the social media site that it was, in fact, a legitimate email.

This is a real email! Please reset your password for account security

— Poloniex Customer Support (@PoloSupport) December 30, 2019

The exchange has also claimed that most of the emails listed aren’t attached to Poloniex accounts.

“While almost all of the email addresses listed do not belong to Poloniex accounts, we are forcing a password reset on any email addresses that do have an account with us, including yours,” the email says.

As ZDNet points out, Poloniex emphasized that most of the email addresses in the leak aren’t connected to the exchange. On the same day of the email also published a tweet advising users how to set up two-factor authentication (2FA) on their accounts.

Steps to set up 2FA:
– Install an authenticator application on your phone
– Click 2FA in your Polo settings
– Scan the barcode or manually enter the 16 digit key
– Safely store your backup code & QR code in case your phone gets lost, stolen, or erased

Tada! 🎉

— Poloniex Customer Support (@PoloSupport) December 30, 2019

It’s not entirely clear where the data leak has come from, who exactly was implicated in the breach, or if any accounts have been accessed by bad actors.

Hard Fork has contacted Poloniex for further comment on the extent of the breach, we will update this piece in due course

The lack of information might be a cause for concern for some Poloniex users. But it makes the enforced password change seem like a bit of a knee-jerk reaction, assuming it’s not trying to downplay the situation.

All things considered, if you’re a Poloniex user, it’s probably best to follow their advice. Turn on 2FA and change your password. Better safe than sorry.

Users are right to be weary of phishing attempts, though.

Back in 2018, Google’s Play Store featured a fake cryptocurrency trading app claiming to be for Poloniex. Thankfully, the app was removed soon after it was uncovered by security researchers.

Update January 3, 2020, 0727UTC: Poloniex has since issued a blog on the incident which can be found here. Despite the email stating that the exchange would be “forcing a password reset” it wanted to clarify that it did not force all customers to reset their passwords.

Published January 2, 2020 — 12:24 UTC

Thank you!

Copyright © 2006—2020.
All rights reserved.
Made with in Amsterdam.

This Article was first published on

About IT News Ug

Check Also

Musk, Thiel, and Gates: the 3 tech billionaires shaping our world

TNW uses cookies to personalize content and ads to make our site easier for you …

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.