Thanks to Firefox Monitor, I was notified last night that CoinMarketCap was breached on october 12th recently. According to the information from Firefox Monitor (who get their data from “Have I Been Pwned”) the hackers only got email addresses. So far, so good. What bothers me, here in the Netherlands under GDPR law, CoinMarketCap.com should have notified the authorities. We have a government bureau specialized in privacy matters.
And basically, CMC should have notified us. Had the hackers also collected phone numbers and more important, passwords, they would have had 10 days time to hack into our accounts or launch a phishing campaign, knowing our email addresses have a CMC account.
Bad show, CMC.