: Exodus will never email you to "verify" or "validate" your wallet. Official updates are only handled through the application or the official website .

: The leak is frequently used by threat actors for credential stuffing (trying these passwords on other sites) and targeted phishing campaigns. Recent Resurgence (2024–2026)

: Security researcher Troy Hunt added this breach to Have I Been Pwned in April 2021.

Target users with or "cracked" software that specifically searches for local Exodus wallet files to drain funds. Recommended Actions

: Check if your email appears in this breach using Have I Been Pwned.

The file titled "" refers to a verified data breach involving approximately 2.9 million records that originally resurfaced or was first indexed in early April 2021 . While the Exodus wallet itself is self-custodial and does not store user funds or private keys on its own servers, this leak contains user credentials primarily associated with their marketing or support databases. Key Details of the Leak Total Records : 2,989,954.

Send (phishing) that claim your wallet is suspended to trick you into entering your 12-word recovery phrase.

: Primarily Email Addresses and Password Hashes (SHA-1) .