Coinmama
Company Details
Linkedin ID:
coinmama
Website:
Employees number:
21
Number of followers:
4,261
NAICS:
52
Industry Type:
Homepage:
coinmama.com
IP Addresses:
0
Company ID:
COI_1447573
Scan Status:
In-progress
Coinmama Company CyberSecurity Posture
coinmama.com
Coinmama believes that the future of money is open source, decentralized and borderless. We believe that economic freedom and financial services should be available to every human being. It's why our mission is to simplify the way the world does cryptocurrency, and why we work to make crypto easy, friendly, and safe for our growing community of 2 million users around the world. We're here to serve you in this financial revolution. For more information, visit our company site at www.coinmama.com
Coinmama A.I CyberSecurity Scoring
Coinmama Risk Score (AI oriented)Between 700 and 749
Coinmama
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
Coinmama Global Score (TPRM)XXXX
Coinmama
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
Coinmama Company CyberSecurity News & History
Past Incidents
1
Attack Types
1
Coinmama
Data Leak
Rankiteo Explanation
Attack with significant impact with customers data leaks
Description: Israel-based crypto brokerage Coinmama suffered a major data breach affecting 450,000 of its users. The breach was reportedly part of a mammoth, multi-platform hack that affected 24 companies and a total of 747 million records — among them gaming, travel booking and streaming sites. A list of around 450,000 email addresses and hashed passwords of Coinmama users who registered on its platform before Aug. 5, 2017 were also posted on a dark web registry. However, Coinmama's response team took all required steps and asked the potentially affected users to reset their passwords upon login, as well as monitor its array of systems for suspicious activity or unauthorized access.
Coinmama Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for Coinmama
Incidents vs Financial Services Industry Average (This Year)
No incidents recorded for Coinmama in 2025.
Incidents vs All-Companies Average (This Year)
No incidents recorded for Coinmama in 2025.
Incident Types Coinmama vs Financial Services Industry Avg (This Year)
No incidents recorded for Coinmama in 2025.
Incident History — Coinmama (X = Date, Y = Severity)
Coinmama cyber incidents detection timeline including parent company and subsidiaries
Coinmama Company Subsidiaries
Coinmama believes that the future of money is open source, decentralized and borderless. We believe that economic freedom and financial services should be available to every human being. It's why our mission is to simplify the way the world does cryptocurrency, and why we work to make crypto easy, friendly, and safe for our growing community of 2 million users around the world. We're here to serve you in this financial revolution. For more information, visit our company site at www.coinmama.com
Loading...
Coinmama Similar Companies
Bloomberg
Bloomberg is a global leader in business and financial information, delivering trusted data, news, and insights that bring transparency and efficiency, and fairness to markets. We help connect influential communities across the global financial ecosystem via reliable technology solutions that enable
The Allianz Group is one of the world's leading insurers and asset managers with more than 100 million private and corporate customers in more than 70 countries. We are proud to be the Worldwide Insurance Partner of the Olympic & Paralympic Movements from 2021 until 2028 and to be recognized as one
Global Payments (NYSE : GPN) helps businesses around the world enable commerce and provide exceptional experiences to their customers. Our payment technology and software solutions enable merchants and developers to deliver seamless customer experiences, run smarter operations and adapt quickly to c
Aboitiz Group
Here at Aboitiz, we aim to change today to shape the future. With five generations of success behind us, the Aboitiz Group is currently transforming into the Philippines’ first techglomerate. Amidst this evolution, we remain committed to our core mission of driving change for a better world by adva
Ameriprise Financial Services, LLC
At Ameriprise Financial, we have been helping people feel more confident about their financial future for 130 years. With extensive investment advice, asset management and insurance capabilities and a nationwide network of approximately 10,000 financial advisors*, we have the strength and expertise
Navy Federal Credit Union
Navy Federal is the world’s largest credit union, with more than 14 million members, $180 billion+ in assets and 24,000+ employees. Throughout campuses in Vienna, VA Pensacola, FL and Winchester, VA, as well as more than 360 branches, we serve the Armed Forces, Department of Defense, Veterans and th
Franklin Templeton
Franklin Resources, Inc. [NYSE:BEN] is a global investment management organization with subsidiaries operating as Franklin Templeton (www.franklinresources.com). The products, services, information and materials referenced in this site may not be available to residents in certain jurisdictions. Co
Mizuho
This is not your typical financial institution. It’s our people who make us a cut above. Here, every person is respected because of their differences, not in spite of them. We pride ourselves on a culture of purpose, passion and compassion. At Mizuho, we provide the stability of an international in
Sanlam
We’ve finally given a name to that special something a person exudes when they have a plan for their finances. It’s called The F Factor – and now that you know its name, it’s time you feel it too. Let's unlock your financial confidence, together. Our team is online weekdays 8:30 – 16:00
.png)
Coinmama CyberSecurity News
July 15, 2025 07:00 AM
Coinmama Review November 2025
Looking for a comprehensive Coinmama review? Discover the pros and cons of this popular crypto exchange.
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
Coinmama CyberSecurity History Information
Official Website of Coinmama
The official website of Coinmama is https://www.coinmama.com.
Coinmama’s AI-Generated Cybersecurity Score
According to Rankiteo, Coinmama’s AI-generated cybersecurity score is 737, reflecting their Moderate security posture.
How many security badges does Coinmama’ have ?
According to Rankiteo, Coinmama currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Does Coinmama have SOC 2 Type 1 certification ?
According to Rankiteo, Coinmama is not certified under SOC 2 Type 1.
Does Coinmama have SOC 2 Type 2 certification ?
According to Rankiteo, Coinmama does not hold a SOC 2 Type 2 certification.
Does Coinmama comply with GDPR ?
According to Rankiteo, Coinmama is not listed as GDPR compliant.
Does Coinmama have PCI DSS certification ?
According to Rankiteo, Coinmama does not currently maintain PCI DSS compliance.
Does Coinmama comply with HIPAA ?
According to Rankiteo, Coinmama is not compliant with HIPAA regulations.
Does Coinmama have ISO 27001 certification ?
According to Rankiteo,Coinmama is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of Coinmama
Coinmama operates primarily in the Financial Services industry.
Number of Employees at Coinmama
Coinmama employs approximately 21 people worldwide.
Subsidiaries Owned by Coinmama
Coinmama presently has no subsidiaries across any sectors.
Coinmama’s LinkedIn Followers
Coinmama’s official LinkedIn profile has approximately 4,261 followers.
NAICS Classification of Coinmama
Coinmama is classified under the NAICS code 52, which corresponds to Finance and Insurance.
Coinmama’s Presence on Crunchbase
Yes, Coinmama has an official profile on Crunchbase, which can be accessed here: https://www.crunchbase.com/organization/coinmama.
Coinmama’s Presence on LinkedIn
Yes, Coinmama maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/coinmama.
Cybersecurity Incidents Involving Coinmama
As of December 07, 2025, Rankiteo reports that Coinmama has experienced 1 cybersecurity incidents.
Number of Peer and Competitor Companies
Coinmama has an estimated 30,149 peer or competitor companies worldwide.
What types of cybersecurity incidents have occurred at Coinmama ?
Incident Types: The types of cybersecurity incidents that have occurred include Data Leak.
How does Coinmama detect and respond to cybersecurity incidents ?
Detection and Response: The company detects and responds to cybersecurity incidents through an containment measures with asked affected users to reset passwords, containment measures with monitored systems for suspicious activity or unauthorized access..
Incident Details
Can you provide details on each incident ?
Title: Coinmama Data Breach
Description: Israel-based crypto brokerage Coinmama suffered a major data breach affecting 450,000 of its users. The breach was part of a multi-platform hack affecting 24 companies and 747 million records, including gaming, travel booking, and streaming sites. Email addresses and hashed passwords of users registered before Aug. 5, 2017, were posted on a dark web registry.
Type: Data Breach
Attack Vector: Multi-platform Hack
What are the most common types of attacks the company has faced ?
Common Attack Types: The most common types of attacks the company has faced is Data Leak.
Impact of the Incidents
What was the impact of each incident ?
Incident : Data Breach COI02511222
Data Compromised: Email addresses, Hashed passwords
What types of data are most commonly compromised in incidents ?
Commonly Compromised Data Types: The types of data most commonly compromised in incidents are Email Addresses, Hashed Passwords and .
Which entities were affected by each incident ?
Incident : Data Breach COI02511222
Entity Name: Coinmama
Entity Type: Crypto Brokerage
Industry: Financial Services
Location: Israel
Customers Affected: 450,000
Response to the Incidents
What measures were taken in response to each incident ?
Incident : Data Breach COI02511222
Containment Measures: Asked affected users to reset passwordsMonitored systems for suspicious activity or unauthorized access
Data Breach Information
What type of data was compromised in each breach ?
Incident : Data Breach COI02511222
Type of Data Compromised: Email addresses, Hashed passwords
Number of Records Exposed: 450,000
How does the company handle incidents involving personally identifiable information (PII) ?
Handling of PII Incidents: The company handles incidents involving personally identifiable information (PII) through by asked affected users to reset passwords, monitored systems for suspicious activity or unauthorized access and .
Additional Questions
Impact of the Incidents
What was the most significant data compromised in an incident ?
Most Significant Data Compromised: The most significant data compromised in an incident were Email addresses, Hashed passwords and .
Response to the Incidents
What containment measures were taken in the most recent incident ?
Containment Measures in Most Recent Incident: The containment measures taken in the most recent incident was Asked affected users to reset passwordsMonitored systems for suspicious activity or unauthorized access.
Data Breach Information
What was the most sensitive data compromised in a breach ?
Most Sensitive Data Compromised: The most sensitive data compromised in a breach were Email addresses and Hashed passwords.
What was the number of records exposed in the most significant breach ?
Number of Records Exposed in Most Significant Breach: The number of records exposed in the most significant breach was 450.0K.
.png)
Latest Global CVEs (Not Company-Specific)
Description
HedgeDoc is an open source, real-time, collaborative, markdown notes application. Prior to 1.10.4, some of HedgeDoc's OAuth2 endpoints for social login providers such as Google, GitHub, GitLab, Facebook or Dropbox lack CSRF protection, since they don't send a state parameter and verify the response using this parameter. This vulnerability is fixed in 1.10.4.
Risk Information
cvss3
Base: 3.7
Severity: HIGH
CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:N
Description
Langflow versions up to and including 1.6.9 contain a chained vulnerability that enables account takeover and remote code execution. An overly permissive CORS configuration (allow_origins='*' with allow_credentials=True) combined with a refresh token cookie configured as SameSite=None allows a malicious webpage to perform cross-origin requests that include credentials and successfully call the refresh endpoint. An attacker-controlled origin can therefore obtain fresh access_token / refresh_token pairs for a victim session. Obtained tokens permit access to authenticated endpoints — including built-in code-execution functionality — allowing the attacker to execute arbitrary code and achieve full system compromise.
Risk Information
cvss4
Base: 9.4
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
A vulnerability was detected in xerrors Yuxi-Know up to 0.4.0. This vulnerability affects the function OtherEmbedding.aencode of the file /src/models/embed.py. Performing manipulation of the argument health_url results in server-side request forgery. The attack can be initiated remotely. The exploit is now public and may be used. The patch is named 0ff771dc1933d5a6b78f804115e78a7d8625c3f3. To fix this issue, it is recommended to deploy a patch. The vendor responded with a vulnerability confirmation and a list of security measures they have established already (e.g. disabled URL parsing, disabled URL upload mode, removed URL-to-markdown conversion).
Risk Information
cvss2
Base: 5.8
Severity: LOW
AV:N/AC:L/Au:M/C:P/I:P/A:P
cvss3
Base: 4.7
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L
cvss4
Base: 5.1
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
A security vulnerability has been detected in Rarlab RAR App up to 7.11 Build 127 on Android. This affects an unknown part of the component com.rarlab.rar. Such manipulation leads to path traversal. It is possible to launch the attack remotely. Attacks of this nature are highly complex. It is indicated that the exploitability is difficult. The exploit has been disclosed publicly and may be used. Upgrading to version 7.20 build 128 is able to mitigate this issue. You should upgrade the affected component. The vendor responded very professional: "This is the real vulnerability affecting RAR for Android only. WinRAR and Unix RAR versions are not affected. We already fixed it in RAR for Android 7.20 build 128 and we publicly mentioned it in that version changelog. (...) To avoid confusion among users, it would be useful if such disclosure emphasizes that it is RAR for Android only issue and WinRAR isn't affected."
Risk Information
cvss2
Base: 5.1
Severity: HIGH
AV:N/AC:H/Au:N/C:P/I:P/A:P
cvss3
Base: 5.0
Severity: HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L
cvss4
Base: 2.3
Severity: HIGH
CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:P/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
A weakness has been identified in ZSPACE Q2C NAS up to 1.1.0210050. Affected by this issue is the function zfilev2_api.OpenSafe of the file /v2/file/safe/open of the component HTTP POST Request Handler. This manipulation of the argument safe_dir causes command injection. It is possible to initiate the attack remotely. The exploit has been made available to the public and could be exploited. The vendor was contacted early about this disclosure but did not respond in any way.
Risk Information
cvss2
Base: 9.0
Severity: LOW
AV:N/AC:L/Au:S/C:C/I:C/A:C
cvss3
Base: 8.8
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
cvss4
Base: 7.4
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=coinmama' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
