Digital currency exchange Poloniex is forcing users to change their passwords after a leaked list of login information began circulating on the internet.
Poloniex’s management confirms it sent an email to customers notifying them that a list of leaked emails and passwords could be used by malicious actors to gain access to their trading accounts. The crypto exchange says it is requiring affected users to modify their passwords.
Poloniex’s email message reads,
“While almost all of the [leaked] email addresses listed do not belong to Poloniex accounts, we are forcing a password reset on any email addresses that do have an account with us, including yours.”
A Poloniex customer thought that the email notice was some type of phishing scam and began warning people on Twitter. However, the exchange’s management clarified that it was a real email, and that affected users must change their passwords in order to maintain the security of their accounts.
According to Poloniex support,
“Yes, someone leaked a list of email addresses and passwords on Twitter. If your account was on the list, you would have been the first to know, well before any media publication. We promptly sent emails out to all affected users, requiring them to change their password.”
Currently, it’s unclear exactly how the email addresses and passwords were compromised, and just how many of them actually belong to Poloniex customers.