A major data breach has raised concerns across the cryptocurrency sector after a hacker reportedly uploaded personal records of more than 18 million US-based crypto users for sale on the dark web. The breach was first flagged by Dark Web Informer, a platform that monitors illegal data sales. According to the report, the exposed information includes users’ full names, email addresses, phone numbers, and physical home addresses. The asking price for the complete database was $10,000.
The data, according to the hacker, was collected from several large and well-known cryptocurrency exchanges and trading platforms. These include Binance, Coinbase, Kraken, Gemini, Crypto.com, Bitfinex, and Coinmama. Other names mentioned in the post include CoinMarketCap, Robinhood, and Ledger. The stolen information appears to have been compiled from both centralized exchanges and third-party services tied to crypto trading and storage.
The post also claims that the database contains over a million records from Binance US, nearly half a million from Coinbase, and hundreds of thousands more from other exchanges. In addition to the US records, another hacker was reported to be selling crypto-related user data tied to Robinhood accounts in several European countries, including Germany, Spain, the UK, and the Netherlands. The claim that data from these countries could be made available on request suggests that the data is being gathered through active breaches or unauthorized access to platforms.
Despite these reports, most of the companies mentioned have not issued public statements confirming the breach. Binance has denied any internal leak and instead pointed to a growing threat from malware known as “InfoStealer,” which infects users’ devices and collects data through compromised browser sessions. This method does not require a direct attack on the platforms themselves but targets users directly.
The leaked data has already been linked to ongoing phishing attempts. Several users have reported receiving fake messages and emails claiming to be from crypto platforms, urging them to click on links or call support lines to fix non-existent issues. These phishing messages are crafted to look like official communications and trick users into revealing their passwords or seed phrases.
The breach has sparked fresh criticism of centralized exchanges and their role in protecting user data. Some in the crypto community are now urging people to shift to decentralized exchanges, which store less personal data and reduce the risk of large-scale leaks. Others argue that the platforms involved should be held accountable for not doing enough to protect their users.
This incident follows a smaller breach just a few weeks ago when 230,000 user records from Gemini and Binance were listed for sale. As these breaches become more frequent, calls for better data protection policies and stronger security tools are growing. For now, users are advised to stay alert, enable two-factor authentication, avoid clicking on suspicious links, and use strong, unique passwords. The exposure of such a large amount of personal data could have long-term effects, especially if it ends up in the wrong hands.
