TheMerkle Taringa Data Breach

Any website related to Bitcoin and cryptocurrency is often a big target for hackers. Although properly secured platforms are protected from major incidents, a successful hack will occur every now and then. Taringa, a Latin American site known for its positive stance toward Bitcoin, was compromised a few days ago. Login details of nearly all its 28 million users were compromised in the process. Happily, it does not appear any Bitcoin funds were stolen.


Taringa Data Breach is Disconcerting


It is good to see this Bitcoin-related website did not lose any funds, but the data breach itself is worrying. Taringa provides a question-and-answer platform for users all over Latin America. It also integrated Bitcoin tipping capabilities quite some time ago, a feature which has been appreciated by most of its user base so far. This feature, which was integrated back in 2015, allowed the company to become the “Reddit of Latin America” in just a few years.


Despite Taringa being compromised, the hackers seemingly did not obtain any Bitcoin balances stored on the platform. The partnership between Taringa and Xapo allows content creators to create digital Bitcoin wallets for use on the platform. Although it is unclear how much money is stored in the platform’s wallets, one would expect criminals to have emptied them regardless. Though that has not happened, it is possible the assailants still have access to the information required to do so.


Rather, it seems the attackers mainly wanted to compromise user data. Those efforts have, unfortunately, been a major success. It is believed all 28 million Taringa users had their personal information exposed to third parties. The breached information includes usernames, passwords, email addresses, and any other personal information the users may have shared with the company. The passwords in question are encrypted, but the associated MD5 encryption takes a few hours or days to crack. That means most users will have their passwords exposed.


Taringa has already issued a public statement explaining how none of the users’ wallet balances have been affected up to this point. Bitcoin tipping sites often have very little money in user balances, for obvious reasons. It is unclear if the Bitcoin tipping feature is still frequently used on Taringa to this day, although some people seemingly still make decent money from it. Users who had their information exposed should be particularly worried, though.


We have recently seen an uptick in phishing campaigns targeting cryptocurrency users. With around 28 million email addresses leaked due to the Taringa hack, all of these people may be targeted in future Bitcoin-related scams. Additionally, many individuals use the same login and password combination for multiple websites. We can only hope affected users have changed their passwords on those sites already. For now, there is no indication as to who was behind the Taringa breach.


All of this goes to show any website dealing with Bitcoin or other cryptocurrencies is a target for hackers. It also highlights how companies need to start taking cybersecurity a lot more seriously than they have up to this point. Having your database hacked regardless of stolen funds is not a good sign. It is unclear how this hack will affect Taringa’s reputation moving forward.



Click here to read more...