Dark Web News Analysis
A threat actor on a known cybercrime forum is advertising the alleged sale of a database belonging to Coinhouse (coinhouse.com), a prominent French cryptocurrency exchange and digital asset service provider (PSAN).
The seller is offering a dataset containing 12,367 lines of customer information for $379 (payable in XMR or ETH).
Brinztech Analysis: This listing contains a critical detail: the seller explicitly states the data is “Not from an internal server attack.” This is a strong indicator of a Supply Chain or Third-Party Vendor Breach.
- Likely Source: The data volume (12k records) and content (Full PII) suggest a compromise at a marketing agency, a KYC (Know Your Customer) verification partner, or a customer support outsourcer used by Coinhouse.
- Data Content: The leak reportedly includes Full Names, DOB, Emails, Physical Addresses, and Phone Numbers (specifically targeting French +33 numbers).
This incident targets a regulated entity. Coinhouse is registered with the AMF (Autorité des Marchés Financiers), making this a significant regulatory event in France. The exposure of physical addresses alongside crypto ownership data introduces physical security risks ("$5 wrench attacks") in addition to digital fraud.
Key Cybersecurity Insights
This alleged data breach presents a critical and immediate threat to French crypto investors:
- Potential Third-Party/Supply Chain Breach: The explicit disclaimer (“Not from an internal server”) shifts the focus to Coinhouse’s vendors. This highlights the persistent risk of “island hopping,” where attackers target less-secure vendors to access high-value client data.
- Targeted Demographic (French Customers): The database is specifically marketed as containing “ALL FR +33” numbers. This allows attackers to launch highly localized Smishing (SMS Phishing) campaigns, impersonating Coinhouse support in fluent French to bypass skepticism.
- High Risk of Identity Theft: The combination of Full Name, Date of Birth, and Physical Address is the “trifecta” for identity theft in France. This data can be used to open fraudulent bank accounts or take out loans in the victim’s name.
- Monetization of Compromised Data: The relatively low price ($379) suggests the seller wants a quick turnover, which often leads to the data being sold to multiple buyers simultaneously, increasing the volume of attacks victims will face.
Mitigation Strategies
In response to this claim, Coinhouse users and the company must take immediate action:
- Immediate Customer Notification: Coinhouse should alert customers to the potential of a third-party leak. Transparency is critical to preventing successful phishing attacks.
- Vigilance Against Smishing: Users with +33 numbers must be extremely skeptical of any SMS claiming to be from Coinhouse, especially those demanding urgent verification or login. Coinhouse will never ask for your password or 2FA code via SMS.
- Switch to App-Based 2FA: If you are using SMS for Two-Factor Authentication, switch immediately to an Authenticator App (Google Auth, Authy) or a Hardware Key (YubiKey). SMS is vulnerable to SIM swapping, a risk elevated by this phone number leak.
- Third-Party Audit: Coinhouse must urgently audit its third-party vendors (marketing, support, KYC) to identify the source of the 12,000 records and ensure the leak is contained.
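One way to start the third-party audit described above, as an added example that is not Coinhouse's or Brinztech's code: given a sample of the leaked records, rank vendors by how much of the leak appears in the data actually shared with each of them, and rule out vendors that never received every leaked field. The vendor labels, field names, export structure and all sample records are constructed assumptions.

```python
import hashlib
import hmac

# Field types the listing claims to contain (per the analysis above); key names are assumed.
LEAKED_FIELDS = {"full_name", "dob", "email", "address", "phone"}

def fingerprint(email: str, key: bytes) -> str:
    """Keyed hash of a normalized email, so raw PII is not copied around during the audit."""
    norm = email.strip().lower()
    return hmac.new(key, norm.encode("utf-8"), hashlib.sha256).hexdigest()

def rank_vendors(leak_emails, vendor_exports, key, min_coverage=0.95):
    """Rank vendors by the share of leaked records present in the data sent to them.

    vendor_exports: {vendor: {"fields": set of shared field names, "emails": iterable}}
    Returns (vendor, coverage, has_all_fields, candidate) tuples, best candidates first.
    """
    leaked = {fingerprint(e, key) for e in leak_emails}
    if not leaked:
        raise ValueError("leak sample is empty")
    results = []
    for vendor, export in vendor_exports.items():
        shared = {fingerprint(e, key) for e in export["emails"]}
        coverage = len(leaked & shared) / len(leaked)
        # A vendor that never received DOB or address cannot alone explain a leak containing them.
        has_all_fields = LEAKED_FIELDS <= set(export["fields"])
        candidate = has_all_fields and coverage >= min_coverage
        results.append((vendor, round(coverage, 3), has_all_fields, candidate))
    return sorted(results, key=lambda r: (r[3], r[1]), reverse=True)

# Constructed sample data: hypothetical vendors and made-up addresses.
KEY = b"audit-session-key-constructed"
LEAK = ["a.martin@example.fr", "B.Durand@example.fr ", "c.petit@example.fr", "d.roux@example.fr"]
EXPORTS = {
    "marketing-agency": {
        "fields": {"full_name", "email"},
        "emails": LEAK + ["e.blanc@example.fr"]},
    "kyc-partner": {
        "fields": {"full_name", "dob", "email", "address", "phone"},
        "emails": ["a.martin@example.fr", "b.durand@example.fr",
                   "c.petit@example.fr", "d.roux@example.fr"]},
    "support-outsourcer": {
        "fields": {"full_name", "email", "phone"},
        "emails": ["a.martin@example.fr", "z.noel@example.fr"]},
}

if __name__ == "__main__":
    for row in rank_vendors(LEAK, EXPORTS, KEY):
        print(row)
```

A high-coverage match narrows the investigation to a vendor's data set; it does not by itself prove where the copy was taken, since the same records also exist internally.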