Poloniex Resets User Passwords Following Data Breach

On the evening of December 30, many users of the Poloniex cryptocurrency exchange received unusual emails notifying them of a forced password reset. While users initially suspected these messages were a scam, it soon became clear that a real data leak had occurred, prompting the exchange to take action.

As later confirmed by Poloniex representatives, the exchange initiated password resets for many users after discovering a suspicious list of email addresses and passwords posted on Twitter. It was claimed that these credentials could be used to access Poloniex accounts. Although the exchange’s administration assured users that most of the login and password combinations did not match Poloniex accounts, they decided to reset passwords for all accounts whose email addresses were actually registered on the platform.

At this time, it is not known how many credentials were included in the list that appeared on Twitter, or how many Poloniex users may have been at risk of compromise. The exchange has not yet made an official statement about the incident and has not responded to media inquiries.