CoinPot, the hugely popular cryptocurrency microwallet, was rocked by claims this week that user accounts had been hacked.
However, it soon emerged that the rumours were unfounded and there had been no systematic breach or collection or personal data.
A statement posted on the CoinPot on Thursday read:
“CoinPot has NOT been hacked – your data/earnings are safe!
We have been made aware that there are some posts on forums etc suggesting that CoinPot has been hacked. We have fully investigated this and can confirm that there has been no breach of our systems. All of your private and sensitive information (i.e. passwords) are securely hashed before being safely stored in our databases so it is impossible for us or anyone else to read these, even if we were ever hacked in the future. We follow all industry best-practices to ensure the highest level of security.
The main part of the problem is that many users continue to use the same sign-in credentials (i.e. email/password) on multiple sites. Therefore when one of these other sites is hacked or leaks password data this can then also be used to sign in to CoinPot. This is what we believe has happened in this case. All accounts that we know to be affected by this have now been locked to prevent unathorised access – users will need to reset their password in this case.
It is STRONGLY RECOMMENDED best practice to avoid re-use of passwords across multiple sites
We also recommend that you enable 2FA”
In view of the many high profile bitcoin hacks/thefts that have taken place in recent years, CoinPot users were understandably anxious, with many taking to social media and various cryptocurrency forums to air their concerns.
As a consequence there was a slew of incorrect information and rumours circulating the Web which were soon found to be untrue and unwarranted.
It’s now apparent that there was a data dump of logins posted in an online cryptocurrency arena which apparently could be used across multiple websites because the users had users the same login details for multiple sites.
It appears that those with nefarious intentions attempted to target CoinPot using some of these logins, which ultimately proved unsuccessful.
Although they may have been able to gain access to a user account, it was not possible to move currency unless they also had access to the user’s email account as transaction confirmations are sent here, and even more unlikely if the user has activated the 2FA offered by the site.
CoinPot, which launched in July last year, has grown rapidly and is now among the most widely used microwallets around today for those that collect free bitcoins and others cryptocurrencies from sites known as faucets.
Faucets are websites that reward users with tiny amounts of bitcoin and other coins in return for their visit – effectively buying traffic so the site owner can profit from the advertising they carry.
Microwallets are used to gather all these tiny amounts of currency together into one usable amount which can then be withdrawn to a user’s bitcoin wallet, such as Coinbase. Note, this is a referral link which which will earn you (and us) $10 in free bitcoins if you use it to sign up to the service and buy or sell more than $100 of cryptocoins.
Are present, CoinPot supports the following faucets:
These faucets represent some of the best-paying and most reliable around today which is another reason CoinPot is so popular among users.
Some of the sites mentioned above offer extremely generous bonus schemes whereby you can dramatically increase your claim amount by completing simple tasks or just ensuring you visit and claim every day.
As such, users were relieved to discover that there hadn’t been a full-scale hack of the service and that their coins were safe. CoinPot’s creators are using sound security protocols meaning users can have a high level of confidence in the site.
Other pages you might like: