What Happened
In March 2026, cybersecurity intelligence identified a data breach at Remote3.co, a Web3 job platform, where 46,161 unique email addresses from its core user registry—comprising active professionals in blockchain and DeFi—were exfiltrated and listed for sale on the dark web for $1,000 in a high-priority “one hand only” auction via Telegram. The incident, reported on March 14, 2026, likely stemmed from an unsecured API or misconfigured newsletter database amid threat actor migrations following the global dismantlement of the LeakBase forum on March 4. No passwords or other personal data beyond emails were mentioned as exposed, but the leak poses severe risks including industrialized Web3-themed social engineering, credential stuffing on crypto platforms like GitHub and Binance, and business email compromise targeting founders and recruiters.
