Brandi, Coin Market Cap and others fall victim of data leaks.
31 October 2021BREACHAWARE HQ
A total of 16 breach events
were found and analysed resulting in 10,266,163 exposed accounts
containing a total of 7 different data types of personal datum
. The breaches found publicly and freely available included Brandi, Coin Market Cap, Neteller, Owned Core and Uni Registry (URL Redirection). Sign in to view the full
library of breach events which includes, where available, reference articles relating to
each breach.
Categories of Personal Data Discovered
Contact Data, Technical Data, Communications Data, Locational Data.
Data Breach Analysis
This batch touches on cryptocurrency services, developer communities, online finance platforms, and internet infrastructure providers, sectors that represent a blend of highly technical, finance-facing, and community-driven digital environments.In total, the breaches included 7 distinct categories of personal data, although this report avoids speculation on the specific types exposed per platform. Instead, the focus is on the industries involved, the likely user demographics affected, and the broader privacy and security implications these breaches may carry.
Crypto, Digital Assets, and Market Aggregators: CoinMarketCap and Neteller
Among the highest-profile entities affected in this group is CoinMarketCap, a popular cryptocurrency price aggregator and portfolio tracking platform. CoinMarketCap is widely used by retail investors, blockchain enthusiasts, and fintech professionals to monitor market trends and asset prices. A breach involving CoinMarketCap affects a broad swath of crypto-curious individuals, many of whom use the platform as a launchpad into deeper financial or speculative engagement. Even in the absence of sensitive transactional data, user email addresses and account details from such platforms can become prime targets for phishing, wallet-targeted scams, and credential stuffing attacks.Neteller, also implicated in this batch, is a digital payments platform frequently used in forex trading, gambling, and international money transfers. Given its role in financial transactions, any compromise to its user base could have serious implications. While no payment information is presumed to be publicly available from this breach alone, the presence of exposed account data raises concerns around identity theft, spear-phishing, and account hijacking, especially for users operating in jurisdictions with limited recourse or consumer protection.
Together, these incidents highlight ongoing risks in the financial technology space, where user trust and transactional integrity are paramount and where threat actors continuously seek out platforms that aggregate user behaviour around high-value activity like investing, trading, or remittances.
Online Communities and Developer Forums: OwnedCore and Brandi
Two other platforms, OwnedCore and Brandi, illustrate the vulnerabilities of long-standing online communities, particularly those serving specialised or technically literate audiences.OwnedCore is a developer forum originally known for its association with World of Warcraft modding, exploits, and game-related code sharing. Over time, its community has expanded to include users interested in reverse engineering, hacking techniques, and grey-area software modifications. The breach of a forum like OwnedCore presents a multifaceted risk: in addition to compromising account credentials, it could also tie user handles to controversial or legally sensitive discussions, which may lead to reputational damage or targeted harassment for users who operated under assumed anonymity.
Brandi, while lesser known, appears to be linked to content sharing, image hosting, or a related community-based platform. Sites in this category often maintain user-generated content and minimal oversight, which can attract both creative communities and bad actors. Breaches from these platforms often expose email addresses, passwords (or hashes), and sometimes metadata linked to posts or uploads, adding layers of vulnerability particularly if users reused passwords or pseudonyms elsewhere online.
Both examples reflect the broader trend of community platforms being under-protected despite high engagement and technically savvy user bases, groups that often assume their niche status insulates them from threats, when in fact it may do the opposite.
Digital Infrastructure and Domain Services: UniRegistry (URL Redirection)
Another noteworthy inclusion in this batch is UniRegistry, identified in the context of a URL redirection breach. UniRegistry is known for domain registration, DNS services, and related internet infrastructure tools. Any incident involving this sector is significant not only due to the nature of its clientele (web developers, tech entrepreneurs, marketers) but also because of the potential for systemic downstream impact. If redirect settings, account credentials, or DNS records are tampered with or exposed, attackers could hypothetically intercept traffic, deploy phishing pages, or redirect legitimate web services to malicious endpoints.Even if the breach relates only to user account data, the platform’s position in the digital supply chain makes it a particularly sensitive point of failure. Users of such services tend to manage multiple domains, email forwarding configurations, and marketing tools, multiplying the possible points of compromise.
Affected Users and Exposure Patterns
This group of breach events affects a multi-disciplinary user base, notable not for its scale, but for the intensity of exposure among individuals with specific digital dependencies. Likely impacted groups include:- Crypto investors and digital asset users, many of whom engage with emerging financial ecosystems using real-world identities and traceable digital wallets.
- Tech-savvy hobbyists and forum contributors, who may use specialised platforms for modding, coding, or semi-private discourse.
- Web developers and domain managers, particularly those working with client portfolios or e-commerce presences.
- Online traders, affiliate marketers, or small business operators, who rely on payment services like Neteller for digital income or service facilitation.
Given this context, the risk profile here is elevated, not because the datasets are massive, but because the users affected are digitally active, identity-linked, and often interconnected across services. A single breached login or credential reused across multiple platforms could open access to wider swaths of personal or professional infrastructure.
Implications and Industry Observations
This batch further reinforces the pattern observed in other recent disclosures: many mid-sized or specialist digital services are still underprepared for modern cybersecurity challenges. Particularly at risk are platforms that collect highly targeted user data, whether through account creation, user-submitted content, or domain management, and lack the robust infrastructure of larger commercial operators.It’s also notable that this set includes entities across the financial, technical, and infrastructure layers of the digital ecosystem. This interweaving of critical services, payments, crypto, DNS, shows how breaches can extend far beyond the initial compromise, affecting not only the exposed accounts but also any connected tools, digital assets, or hosted services tied to those accounts.
As such, users of these platforms should be advised to:
- Rotate credentials, particularly if passwords were reused across services.
- Be alert for phishing attempts or scam messages that appear to originate from any of the affected domains.
- Monitor linked accounts, wallets, or hosted web assets for signs of unauthorised access or redirection.
Conclusion
With over 10 million accounts exposed across 16 platforms, this batch of breaches illustrates how targeted compromises in finance, tech, and community spaces can have outsized impact relative to their scale. From digital asset platforms and online payment systems to forums and domain infrastructure, the services affected are used by engaged, digitally literate individuals whose online identities are often deeply interwoven across networks.The lesson here is clear: security is not a numbers game. Whether a breach affects ten million or ten thousand users, its importance lies in who those users are, what platforms they rely on, and how the fallout may cascade across their digital lives.