Cyber Incident Victim: cloudminr.io

Date: Jul 2015

Location: United States of America

Summary

A cloud mining service provider experienced a security breach where hackers gained control of its systems and accessed the user database, which contained non-hashed passwords. The attackers publicly displayed a sample of the data and offered the entire database for sale, potentially enabling credential reuse attacks against affected users across other platforms. Operational impacts beyond the user credentials remained unconfirmed at the time of reporting.

Description

On July 13, 2015, users of the cloud mining service Cloudminr.io discovered that the website had been compromised. Attackers replaced the site’s content with a publicly accessible CSV file containing a sample of the platform’s entire user database, demonstrating their unauthorized access. The hackers announced they had full control of the server and offered the complete database for sale at a price of 1 Bitcoin (BTC), implying potential buyers could profit by exploiting reused credentials elsewhere. The exposed data included user passwords stored in plaintext or with insufficient security measures, as the article noted the absence of hashing—though it acknowledged the possibility that compromised employee credentials might have enabled access to hashed data. No information was provided regarding whether internal systems, such as cryptocurrency wallets or balance records, were breached. Cloudminr.io’s operational status became uncertain, with communication channels described as unreliable following the attack.

The incident posed immediate risks to users, as the sale of unhashed credentials could facilitate credential-stuffing attacks on other platforms where victims reused similar passwords. The attackers explicitly highlighted this financial incentive, suggesting stolen credentials might grant access to accounts holding more than 1 BTC. Cloudminr.io users were advised to change passwords on all other services where they had employed comparable login details and to update or obscure security questions and backup information. The article did not detail any containment efforts by Cloudminr.io, nor did it confirm whether the service recovered control of its infrastructure. Media outlets monitored the situation, but no follow-up disclosures about the scope of wallet compromises or internal system impacts were reported in the initial coverage.
