- A data breach has affected the well-known crypto data aggregator firm, CoinGecko.
- The breach involved the exploitation of a third-party service, leading to the exposure of sensitive user information.
- CoinGecko has confirmed that hackers used the stolen data to launch a phishing attack targeting thousands of users.
CoinGecko suffers data breach affecting thousands of users, highlighting the ongoing risks of third-party service vulnerabilities in the crypto industry.
Data Breach Impacts 23,723 Users
On June 7, CoinGecko revealed that hackers had gained unauthorized access to an employee’s account at GetResponse, an email marketing platform. This breach was confirmed by GetResponse on June 6, indicating a significant data compromise.
As a result of this intrusion, 1,916,596 contacts were transferred out of CoinGecko’s GetResponse account. Subsequently, phishing emails were sent to 23,723 of these contacts using another GetResponse account, exploiting the stolen data.
Phishing emails are fraudulent attempts to acquire sensitive information by disguising as trustworthy entities. In this case, the risk includes potential loss of assets due to the exposure of personal information.
Swift countermeasures by CoinGecko and GetResponse halted the malicious emailing activities. However, the compromised data includes user names, email addresses, and metadata such as account sign-up dates and subscription details.
CoinGecko Responds to Data Breach
This breach occurred shortly after Tether CEO Paolo Ardoino alerted the crypto community about a compromised email vendor widely used by crypto firms. CoinGecko has reached out to all affected users, advising caution against suspicious emails, particularly those offering token airdrops purportedly from CoinGecko or GeckoTerminal.
In collaboration with GetResponse, CoinGecko has initiated an investigation to mitigate further risks. The firm’s co-founder and COO, Bobby Ong, emphasized the importance of user vigilance:
“Unfortunately, GetResponse has confirmed that we are among the accounts affected by this targeted supply chain attack. Users should be wary of phishing emails and note that no CoinGecko token is being planned.”
Market Overview Amid the Security Breach
Meanwhile, the cryptocurrency market has experienced a downturn, as reported by CoinMarketCap. The market has lost 2.74% of its value within the last 24 hours, bringing the total market capitalization down to approximately $2.55 trillion. Bitcoin, the leading cryptocurrency, has also declined by 1.92%, currently valued at $69,392.
Conclusion
The recent data breach at CoinGecko underscores the critical importance of cybersecurity, particularly when third-party services are involved. Affected users are urged to remain cautious and vigilant against potential phishing attempts. The incident serves as a stark reminder of the pervasive risks in the digital and crypto domains, necessitating continuous vigilance and robust security practices.
