A new data leak has seen popular cryptocurrency exchange Poloniex email affected users, asking them to change their passwords to remain safe.

On social media, responding to a user who believed an email regarding his password being reset was an attempt to phish him, Poloniex revealed “someone” leaked email addresses and passwords on social media.

In the email the cryptocurrency exchange revealed “almost all of the email addresses listed [on the leak] do not belong to Poloniex accounts,” but it is nevertheless “forcing a password reset on any email addresses listed that do have an account with us.”

It’s currently unclear who’s behind the data leak or where the data came from. The Twitter post allegedly leaking the email addresses that could be used to log into the cryptocurrency exchange has now been deleted.

On its Twitter account, Poloniex pointed out it promptly “sent emails out to all affected users, requiring them to change their password.” As reported, the exchange recently ditched know-your-customer (KYC) checks for accounts withdrawing up to $10,000 a day.

The exchange unfroze and upgraded unverified accounts to this tier, and added users who don’t do KYC will still be able to join trading competitions, take advantage of staking, and use its Trollbox.

The move was made shortly after Poloniex spun out of Circle and became an independent company, in which Justin Sun, the CEO of the TRON Foundation, revealed he invested in. Since the move, data shows users have been withdrawing their funds from the exchange.

Featured image via Pixabay.