23.5 C
New York
Thursday, July 25, 2024

CoinGecko Addresses Data Breach from Third-Party Email Platform

CoinGecko, a prominent cryptocurrency data aggregator, has confirmed a data breach originating from a third-party email platform. The company has provided a transparent account of the incident, detailing the steps taken to address the issue and advising users on protective measures.

The breach occurred when an attacker compromised a GetResponse employee’s account, enabling them to export 1,916,596 contacts from CoinGecko’s GetResponse account. Subsequently, phishing emails were sent to 23,723 emails from another GetResponse client’s account (alj.associates). CoinGecko’s security team swiftly detected the irregular activity and collaborated with GetResponse to halt further email deliveries.

Reports from Crypto Briefing on June 5 highlighted potential email vendor breaches affecting several crypto firms, as disclosed by Tether CEO Paolo Ardoino. CoinGecko’s co-founder and COO, Bobby Ong, corroborated this disclosure, noting that fake token launch emails were distributed to mailing lists associated with crypto firms. Ong advised caution within the crypto community when interacting with crypto newsletters.

Must Read

The breach compromised personal information such as users’ names (if provided during sign-up), email addresses, IP addresses, email open locations, and metadata like account sign-up dates and subscription plans. However, CoinGecko user accounts remain secure, with no passwords compromised.

Affected users have been directly notified via email, and CoinGecko is actively investigating the incident with GetResponse while also reviewing its security protocols. The company aims to bolster its security measures in collaboration with its vendors.

To safeguard themselves, users are urged to exercise vigilance when opening emails, as phishing or spam attempts may escalate. CoinGecko advises caution regarding emails from unfamiliar or deceptive domains, abstaining from clicking on links or downloading attachments from unsolicited sources, and skepticism towards emails offering token airdrops. CoinGecko emphasized that any email promising token airdrops from CoinGecko or GeckoTerminal is unauthorized and sent by the attacker, as the company does not issue any official coins or tokens.

Akshit Yadav
Akshit Yadav
Akshit is a dynamic young voice in the blockchain and cryptocurrency space, known for his innovative insights and fresh perspectives. Passionate about the intersection of technology and finance, he brings a youthful energy to his exploration of decentralized systems and digital currencies.

Latest Posts

Don't Miss

Stay in touch

To be updated with all the latest news, offers and special announcements.