Your wallet was compromised through password reuse
When you use the same password across multiple sites, a breach on any one of those sites exposes all your accounts. Hackers buy leaked password databases and automatically try those credentials everywhere - including password managers and crypto-related services.
This is extremely common. Billions of passwords have been leaked over the years.
How this attack works
Billions of username and password pairs have leaked in past breaches. Attackers load these into automated tools and 'stuff' them across thousands of sites — email, cloud storage, exchanges, password managers. If you reused a password anywhere that protects your crypto, one old breach unlocks it.
The wallet itself is rarely cracked directly. Instead the reused password opens the email or cloud account that holds your seed-phrase backup, or the exchange account that holds your funds, and the rest follows.
Warning signs
- •You use the same or similar passwords across multiple sites.
- •Your email appears in a known breach (check haveibeenpwned.com).
- •An exchange or email account showed a login you don't recognize.
- •Two-factor authentication on your critical accounts is SMS-based or off.
What to do right now
- •Use a unique, randomly-generated password for every account
- •Use a reputable password manager with a very strong master password
- •Enable 2FA everywhere possible (preferably not SMS-based)
- •Create a brand new wallet with a fresh seed phrase
Not sure this is what happened to you?
Run the 2-minute diagnostic