Poloniex exchange recently warned its users to reset passwords for some users to protect their accounts from possible data leak –however, the exchange today states that the information on social media didn’t originate from the crypto exchange.
Poloniex on Data Leak
Initially, the email was reportedly sent across its users on December 30, stating that “someone” posted a list of account credentials (email address and passwords) on Twitter and enforced a password rest on a group of users”. While it stated that not all the email addresses listed belong to Poloniex exchange, it claimed that the leak data could be used to log in to Poloniex accounts.
However, the exchange on Jan 03 posted an official detail blog post, noting that “no information or data leak was originating from Poloniex”. While elaborating the further stance, the exchange added;
Our immediate priority was to ensure that our customers’ accounts were safe. As a result, we reset the passwords of potentially impacted customers, as users often reuse passwords or minor variants of the same password. Our second priority was to determine the source of the leak and we can now confirm that neither this list nor the information contained, originated from Poloniex.
As part of concluding the matter, Poloniex details that “approximately 90% of the passwords listed already appear in the haveibeenpwned.com list of exploited passwords”. More so, it quickly assures users that they do not store user’s data in plain text. For those whose email Id wasn’t on the list, Poloniex said, ‘their data is secure’, by continuing…
“Less than 5% of the email addresses on the posted list were associated with Poloniex accounts”.
Since the exchange has been marked with the hacking incident in a history of the crypto industry, traders and users are still sceptical about the company’s rickety announcements quite often. Echoing the similar concern, a Twitter user, “Joshua Thomas” mocked by tweeting;
Does anyone else ever see a poloniex tweet and think oh no what are they taking away from us this time?
— Joshua Thomas (@joshthomas78) January 3, 2020