- Pi Network users have been alerted to a potential password leak, prompting urgent security actions to protect digital assets from malicious attacks via the Pi Browser.
- PiChain Global urges users to complete KYC verification and bind their email through the official PCM Wallet to safeguard their accounts.
The Pi Network community is on high alert following a red flag raised by PiChain Global, which has reported a potential leak of user passwords. The alarming development, if confirmed, could expose thousands of Pi Network investors to malicious activity through the Pi Browser, putting their digital assets at serious risk.
We've received reports of leaked Pi account passwords, which may allow unauthorized access to your Pi Browser and lead to asset theft. To secure your PCM account, please bind your email by following these steps:
1. Download PCM Wallet from the official website… pic.twitter.com/xeoU1Rjcrf
— PiChain Global (@pichainmall) June 16, 2025
PiChain Global, a key ecosystem participant behind the Pi Chain Mall (PCM), issued the alert through its official Twitter account, revealing that it has been receiving increasing reports of compromised account credentials. In light of the situation, the organization is urging all users to take immediate action to secure their accounts, especially within the Pi Chain Mall platform.
To mitigate the risk, PiChain Global has outlined a step-by-step emergency protocol for users to follow. First and foremost, users are advised to download the official PCM Wallet from the PCM Labs website, the Apple App Store, or Google Play. This wallet will serve as the central tool for secure account binding and identity verification.
Once downloaded, users should not immediately bind their Pi account with the wallet. Instead, the first step is to complete the KYC (Know Your Customer) verification process within the PCM Wallet. After KYC is successfully completed, users must send a verification request to the official PiChain Mall support email at [email protected] with the subject line “Bind Email”.
The email should include the following information:
-
Your Pi Network username (e.g., @yourusername)
-
The email ID you wish to bind to your account
-
A photo of your Pi Network app profile showing your full username
-
A selfie holding your government-issued ID clearly displaying your full name
PiChain Global has assured the community that all binding requests will be handled with confidentiality and efficiency, and that these steps are crucial to maintaining security amid the threat of credential exploitation.
This incident serves as yet another reminder of the persistent vulnerabilities in the crypto ecosystem. Password leaks and phishing attacks remain rampant, especially on platforms that are still in developmental or closed-network stages like Pi Network.
Experts continue to recommend multi-layered security measures, including two-factor authentication (2FA), using strong, unique passwords, and staying vigilant against suspicious messages or links.
While the exact cause or extent of the alleged breach has not been confirmed, users are strongly encouraged to act immediately to protect their digital holdings. As Pi Network moves closer to potential mainnet deployment and broader adoption, ensuring user security will be paramount to building trust and sustainability in its ecosystem.