CoinMarketCap Users Warned After Security Breach Exposes Email Addresses

CoinMarketCap, the world’s largest crypto data platform, experienced a security breach on June 20, 2025, when a vulnerability tied to a doodle image on their homepage triggered a malicious API call. This call launched suspicious pop-ups prompting users to “Verify Wallet” through unsafe links. The security team swiftly removed the infected asset and issued a statement claiming that all systems were fully operational and secure. However, users continued to report issues, including prompts to click on unsafe external links and browser warnings indicating that the site was blocked.

Despite CoinMarketCap’s assurances, users remained skeptical. Many reported encountering the same concerns, suggesting that the problem might not be completely resolved. The platform’s public update cautioned users not to connect their wallets, indicating that deeper vulnerabilities or residual scripts could still be active. This incident underscores the ongoing risks associated with even the most widely used and trusted platforms in the crypto space.

The breach has raised significant concerns about the safety of user data and assets, reminiscent of a previous hack in October 2021, when over 3.1 million user emails were leaked. This time, the breach has led to the exposure of user email addresses, which have been found traded and sold online on various hacking forums. The platform has since removed the malicious popup, but the damage has already been done, with users warning others not to interact with the site until further clarification is provided.

The hack has also highlighted the potential risks associated with connecting crypto wallets to third-party platforms. Users have been advised to be cautious and avoid interacting with any suspicious popups or prompts that ask for wallet connections. The incident has sparked discussions about the importance of cybersecurity in the cryptocurrency space and the need for platforms to implement robust security measures to protect user data and assets.

The incident has also raised concerns about the potential for asset theft, with users warning others not to use CoinMarketCap until the issue is fully resolved. The platform has not yet provided a detailed explanation of the incident or the steps it is taking to address the security breach. However, users have been advised to change their passwords and enable two-factor authentication as a precautionary measure.

The hack has also raised questions about the reliability of cryptocurrency data and analytics platforms, and the need for users to be vigilant and cautious when interacting with these platforms. The incident serves as a harsh reminder that even the biggest platforms in crypto aren’t immune to security threats. Until a more detailed update is shared and users no longer encounter these warnings, it’s best to stay cautious. Avoid connecting wallets through any pop-up on the site, and double-check links before interacting.