CoinGecko Reveals Data Breach Details That Sent Over 23,000 Phishing Emails

Published: Jun 5, 2024
Written By:
Vignesh Karunanidhi
Milk Road Writer

The crypto industry is facing a potential security breach involving a prominent email newsletter vendor. The warnings were put out by Tether CEO Paolo Ardoino and CoinGecko co-founder Bobby Ong via their recent tweets.

The breach is believed to be a supply chain attack targeting the crypto industry. In addition, the duo has raised concerns about the safety of user data and the potential for phishing attacks.

Key points:

  • Tether CEO Paolo Ardoino received two independent confirmations of a potential compromise by a prominent vendor used by crypto companies to manage mailing lists.
  • CoinGecko co-founder Bobby Ong issued a public service announcement (PSA) warning of an ongoing supply chain email breach attack.
  • Several crypto companies may be affected by email blasts promoting fake token launches.
  • CoinGecko is actively working with their vendor to investigate the extent of the breach and has seen phishing emails sent from other client accounts.
  • There is no CoinGecko token being planned, and users are advised to be cautious of phishing emails.

In a series of tweets, Ardoino urged crypto users to be cautious of any emails suggesting crypto airdrops received in the past 24 hours. In addition, he stated that Tether had received two independent confirmations of a potential compromise involving a prominent vendor used by crypto companies to manage their mailing lists.

While Ardoino refrained from naming the vendor until the investigation was completed, he emphasized the need for vigilance in the face of this potential security threat.

Also read: BNB Soars To New All-Time High Despite Binance’s Struggle In Nigeria

CoinGecko shares key details of the breach

Bobby Ong of CoinGecko had issued a PSA to his followers. Bobby warned the community of an ongoing supply chain email breach attack targeting the crypto industry.

CoinGecko has now announced that it experienced a data breach through its third-party email platform, GetResponse. The breach has led to the compromise of personal information belonging to nearly 2 million users.

According to the announcement, CoinGecko received confirmation from the GetResponse team on June 6, 2024, at 11:58 AM UTC, that a data breach had occurred.

While no phishing emails were sent directly from CoinGecko’s domain, the attacker managed to send phishing emails to a subset of users from another GetResponse client’s account. 

The personal information compromised in the incident includes users’ names, email addresses, IP addresses, and the location of email addresses. It also includes other metadata, such as account sign-up dates and subscription plans.

Additionally, CoinGecko has assured users that their account passwords remain secure and have not been compromised. In response to the breach, CoinGecko has also directly notified all affected users via email and is actively investigating the situation in collaboration with GetResponse.  

Vignesh Karunanidhi

Vignesh has been a seasoned professional in the crypto space since 2017. He has been writing for over 6 years and specializes in writing and editing various types of crypto content, including news articles, long-form pieces, and blog posts, all focused on sharing the beauty of blockchain and crypto.

Vignesh Karunanidhi
Milk Road Writer
Vignesh has been a seasoned professional in the crypto space since 2017. He has been writing for over 6 years and specializes in writing and editing various types of crypto content, including news articles, long-form pieces, and blog posts, all focused on sharing the beauty of blockchain and crypto.