CoinGecko, a cryptocurrency data aggregator, has confirmed a data breach that occurred on its third-party email management platform GetResponse.
In response to recent reports of crypto airdrop scams, CoinGecko disclosed that GetResponse experienced a data breach on June 5, resulting in attackers being able to access the contact information of more than 1.9 million CoinGecko users.
The security breach was linked to a compromised employee account, as stated in CoinGecko’s announcement on June 7. The compromised data includes users’ names, email addresses, IP addresses, locations of email opens, and other metadata like sign-up dates and subscription plans.
While user accounts and passwords on CoinGecko remain secure and unaffected, the breach led to the sending of 23,723 phishing emails by the attacker, despite the main email domain not being compromised.
Phishing attacks, which involve attempting to steal sensitive information such as crypto wallet private keys, are a concern for users. Address poisoning scams, a type of phishing attack that tricks investors into sending funds to a fake address that resembles one they have previously interacted with, are also on the rise.
To protect themselves from phishing emails, users are advised to verify the email’s authenticity and enable two-factor authentication (2FA) on crypto platforms. Hakan Unal, a senior blockchain scientist at on-chain security firm Cyvers, emphasized the importance of these measures.
Private key and data leaks have emerged as the leading cause of cryptocurrency-related hacks, with over 55% of hacked digital assets lost due to private key leaks in 2023, according to Merkle Science’s 2024 HackHub report.
Mriganka Pattnaik, the co-founder and CEO of Merkle Science, highlighted that private key leaks remain a significant vulnerability in the crypto space. As hackers target the easiest vulnerabilities rather than complex protocols, safeguarding private keys and personal data is crucial to prevent losses.
In conclusion, the crypto industry continues to face challenges related to data breaches and hacks, underscoring the importance of robust security measures for users and platforms alike.
Email provider data breach confirmed by CoinGecko resulting in over 23000 phishing emails sent
No Comments2 Mins Read
Related Posts
Add A Comment