Security Affairs
JADEPUFFER: First End-to-End AI-Driven Ransomware Operation|The Anatomy of a Shadow AI Supply-Chain Breach: Lessons from the 2026 Vercel Incident|Law enforcememt operation disrupted Malicious Residential Proxy Networks NetNut|Government and Healthcare Are the Weakest Links in Global Email Security|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|JADEPUFFER: First End-to-End AI-Driven Ransomware Operation|The Anatomy of a Shadow AI Supply-Chain Breach: Lessons from the 2026 Vercel Incident|Law enforcememt operation disrupted Malicious Residential Proxy Networks NetNut|Government and Healthcare Are the Weakest Links in Global Email Security|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Poloniex forces password reset following a data leak

The Poloniex cryptocurrency exchange is forcing users to reset their passwords following a data leak.  Another bad news for the community of the virtual currencies communities, the Poloniex cryptocurrency exchange has forced its users to reset their passwords following a data leak.  The measure was necessary to prevent spear-phishing attacks against the users aimed at […]

Poloniex exchange data leak

The Poloniex cryptocurrency exchange is forcing users to reset their passwords following a data leak. 

Another bad news for the community of the virtual currencies communities, the Poloniex cryptocurrency exchange has forced its users to reset their passwords following a data leak. 

The measure was necessary to prevent spear-phishing attacks against the users aimed at stealing credentials or at delivering malware designed to steal their funds.

On December 30th, 2019, users began receiving a message from the Poloniex exchange notifying them of the data leak. According to the company user name and password for the platform may have been included in a data leak disclosed on Twitter by a user that goes online with the handle @charlysatoshi.

@charlysatoshi

 shared a screenshot of the data breach notification email sent by the trading platform to its users, the message said that almost all of the leaked accounts don’t belong to Poloniex accounts. 

“While almost all of the email addresses listed do not belong to Poloniex accounts, we are forcing a password reset on any email addresses that do have an account with us, including yours,” states the email. 

The Poloniex exchange’s support team confirmed on December 30 the authenticity of the message in a public Tweet.

At the time of writing the source of the data leak was still unclear.

Let me suggest to the impacted users to change their password at these other sites to prevent being victims of credential stuffing attacks.

[adrotate banner=”9″] [adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – Poloniex exchange, hacking)

[adrotate banner=”5″]

[adrotate banner=”13″]