Crypto exchange Poloniex denies data leak after resetting passwords for some users


Poloniex said Thursday that account information circulating on social media did not originate from the cryptocurrency exchange.

On Monday, Poloniex contacted some of its users after a tweet circulated featuring a list of email addresses and passwords and claiming that the information could be used to log into Poloniex accounts. In response, the exchange emailed all potentially impacted users and informed them of a forced password reset on their accounts. 

"Earlier this week we emailed a small group of our customers (about 1% of our total base), requiring them to reset their Poloniex password in response to a tweet claiming to contain a list of leaked email addresses and passwords," the exchange said in its statement. "To confirm, there was no information or data leak originating from Poloniex and our actions represented a swift response to an external threat."

In its new statement, Poloniex said that "our investigation has concluded that approximately 90% of the passwords listed already appear in the haveibeenpwned.com list of exploited passwords. Additionally, our security team is in touch with haveibeenpwned.com and has requested that they update their database to include additional missing information we have identified."

Poloniex emphasized that it does not store user' passwords in plain text or any recoverable form. Rather, it stores them as salted bcrypt hashes.

Additionally, Poloniex stated that "[l]ess than 5% of the email addresses on the posted list were associated with Poloniex accounts."

Trending Stories

Get Your Crypto
Daily Brief

Delivered daily, straight to your inbox.

SEC said to allow first bitcoin futures ETF to trade in US: report

The U.S. Securities and Exchange Commission is said to be allowing the first Bitcoin futures exchange-traded fund (ETF), per a Bloomberg report. The publication said in a report on Thursday night that the U.S. regulator “isn’t likely to block the products from starting to trade next week,” citing people familiar with the matter. The report […]
Read Full Story
Oct 15, 2021, 2:54AM UTC