CoinGecko Reveals Data Breach Details That Sent Over 23,000 Phishing Emails
The crypto industry is facing a potential security breach involving a prominent email newsletter vendor. The warnings were put out by Tether CEO Paolo Ardoino and CoinGecko co-founder Bobby Ong via their recent tweets.
The breach is believed to be a supply chain attack targeting the crypto industry. In addition, the duo has raised concerns about the safety of user data and the potential for phishing attacks.
Key points:
- Tether CEO Paolo Ardoino received two independent confirmations of a potential compromise by a prominent vendor used by crypto companies to manage mailing lists.
- CoinGecko co-founder Bobby Ong issued a public service announcement (PSA) warning of an ongoing supply chain email breach attack.
- Several crypto companies may be affected by email blasts promoting fake token launches.
- CoinGecko is actively working with their vendor to investigate the extent of the breach and has seen phishing emails sent from other client accounts.
- There is no CoinGecko token being planned, and users are advised to be cautious of phishing emails.
In a series of tweets, Ardoino urged crypto users to be cautious of any emails suggesting crypto airdrops received in the past 24 hours. In addition, he stated that Tether had received two independent confirmations of a potential compromise involving a prominent vendor used by crypto companies to manage their mailing lists.
While Ardoino refrained from naming the vendor until the investigation was completed, he emphasized the need for vigilance in the face of this potential security threat.
Also read: BNB Soars To New All-Time High Despite Binanceās Struggle In Nigeria
CoinGecko shares key details of the breach
Bobby Ong of CoinGecko had issued a PSA to his followers. Bobby warned the community of an ongoing supply chain email breach attack targeting the crypto industry.
CoinGecko has now announced that it experienced a data breach through its third-party email platform, GetResponse. The breach has led to the compromise of personal information belonging to nearly 2 million users.
According to the announcement, CoinGecko received confirmation from the GetResponse team on June 6, 2024, at 11:58 AM UTC, that a data breach had occurred.
While no phishing emails were sent directly from CoinGecko’s domain, the attacker managed to send phishing emails to a subset of users from another GetResponse client’s account.
The personal information compromised in the incident includes users’ names, email addresses, IP addresses, and the location of email addresses. It also includes other metadata, such as account sign-up dates and subscription plans.
Additionally, CoinGecko has assured users that their account passwords remain secure and have not been compromised. In response to the breach, CoinGecko has also directly notified all affected users via email and is actively investigating the situation in collaboration with GetResponse.Ā Ā