2026-01-11 04:20:41

Some people received account reset email notifications some time ago, and it turns out that a massive data breach was to blame. A total of 17.5 million account information records were leaked in this incident, covering a wide range.

The leaked data includes a lot of sensitive information—full names, account names, verified email addresses, phone numbers, user UIDs, as well as country and location data. These things alone may not seem problematic, but combined they can cause serious issues.

For those who are actively involved in the Web3 ecosystem, such data leaks are especially dangerous. Hackers who obtain this data can easily launch targeted social engineering attacks—impersonating official sources, phishing links, pretending to be friends requesting loans or transfers, with a variety of tactics. Since phone numbers and emails are exposed, the risk of SIM swapping attacks cannot be ignored.

This serves as a reminder for everyone to stay vigilant—be cautious with unfamiliar links, verify official notification channels, and enable two-factor authentication on key accounts to avoid laziness.

View Original

This page may contain third-party content, which is provided for information purposes only (not representations/warranties) and should not be considered as an endorsement of its views by Gate, nor as financial or professional advice. See Disclaimer for details.

11 Likes

Reward
11
6
Repost
Share

Comment

0/400

GweiObserver

· 01-11 04:50

17.5 million records leaked, this time it's really intense... I need to change my password quickly --- Same old story, social engineering attacks are unstoppable, be careful not to fall for phishing --- Your phone number has been leaked? Need to find a way to change it, so troublesome --- That's why I never use my real name on public blockchains. I should have done this a long time ago --- Two-factor authentication is really worth it, lessons learned the hard way, brothers --- 17.5 million people? Feels like everyone around me has been affected, now no information is safe --- Hackers are really comprehensive, from email to phone to location, there's no defense

View OriginalReply0

BlindBoxVictim

· 01-11 04:50

Oh my god, 17.5 million data records leaked. This time, it's really serious... How can there still be people clicking on unfamiliar links? Wake up, everyone. SIM card swapping is really ruthless. My friend was a victim of it. Two-factor authentication is not just for show. Enable it quickly. Who's responsible for this leak? It's such a scam. Every time this happens, I have to reset my password. So annoying. Phishing emails are getting more and more convincing. You have to look carefully. I just want to ask when they will finally protect our data properly.

View OriginalReply0

RatioHunter

· 01-11 04:50

17.5 million accounts? No way... My information is also inside, this is truly unbelievable. --- It's the same old story again—phishing, social engineering, SIM swapping... The Web3 community is like living in a hacker's hunting ground. --- Everyone, don't slack off on two-factor authentication, or you'll just get drained. --- My phone number and email are fully leaked. How come some people still dare not enable 2FA? --- Looking at the scale of the leak, I know the subsequent scam calls are going to explode... --- The phrase "combining them makes it troublesome" is spot on. Alone, they’re useless; combined, they become a knife. --- These days, using platforms makes you nervous. Should I change all my accounts first? --- SIM swapping is really hard to defend against; carriers are just useless teammates. --- 17.5 million... I really want to know how much this data could sell for on the dark web right now. --- I'm quite cautious about unfamiliar links, but how do I judge links sent by friends?

View OriginalReply0

NFTRegretful

· 01-11 04:47

17.5 million pieces of information leaked, I'm freaking shattered... This time I really have to enable 2FA, or I won't be able to sleep. --- Damn, it's this kind of combined attack again. The full-name phone number and location are all exposed, if hackers want to social engineer me, I'm done for. --- Honestly, the biggest fear in the Web3 community is this. I've seen too many cases of impersonating official accounts. --- I just want to know when they'll get security right. Repeated attempts, right? --- Don't skip on two-factor authentication. It's a hassle, but way better than losing your coins a hundred times. --- 17.5 million, probability theory tells me I'm definitely among them... feels not so good. --- I've been used to suspicious links for a long time, but the threat of SIM card swapping is indeed harder to defend against. --- Have to change passwords and verify notification channels again. So annoying, but I have no choice.

View OriginalReply0

ForumLurker

· 01-11 04:43

17.5 million accounts, this time it's really impressive. I was wondering why so many people have been receiving reset emails recently. Be really careful with SIM card swapping; a friend of mine was targeted like that before. Definitely don't skip 2FA. I have all my important accounts secured with it now. It’s a bit of trouble, but worth it. This wave of data leaks feels endless. When will it finally stop? Web3 is inherently risky, and now with this added issue, we need to be even more cautious.

View OriginalReply0

DaoGovernanceOfficer

· 01-11 04:35

ngl, 17.5M accounts exposed is basically a governance nightmare waiting to happen—the data suggests we're looking at coordinated attack vectors across multiple protocols. empirically speaking, this is exactly why we need mandatory 2fa as a protocol-level requirement, not just a suggestion lol

Reply0