A data breach at Hubspot, a tool used by many companies to manage marketing campaigns and onboard new users, has affected BlockFi and Swan Bitcoin, but both companies say that their operations have not been affected and treasuries are not at risk.
Hubspot is a Customer Relationship Management (CRM) tool used to store users’ names, phone numbers, and email addresses for marketing purposes, and measure the effectiveness of marketing campaigns.
While user information was leaked to hackers, both companies say that passwords and other internal information was not affected. As Hubspot is an external tool, hackers did not gain access to internal systems.
Hubspot said that this was the result of a bad actor getting access to an employee account and using it to target stakeholders in the cryptocurrency industry.
The company said 30 clients were affected, but has not published a list.
Some users have reported receiving an uptick in phishing emails from the companies over the weekend, attempting to lure them into entering their password on a fake site.
In 2020, BlockFi suffered a breach after an employee’s SIM card was compromised and ported over to an unauthorized user.
After 2020’s attack, BlockFi hired a new chief security officer.
Crypto venture capital firm Pantera Capital said in February that its Hubspot account had been compromised.
At this time a timeline of events is unknown as Hubspot has not said when their system was compromised.
DISCLOSURE
The leader in news and information on cryptocurrency, digital assets and the future of money, CoinDesk is a media outlet that strives for the highest journalistic standards and abides by a strict set of editorial policies. CoinDesk is an independent operating subsidiary of Digital Currency Group, which invests in cryptocurrencies and blockchain startups. As part of their compensation, certain CoinDesk employees, including editorial employees, may receive exposure to DCG equity in the form of stock appreciation rights, which vest over a multi-year period. CoinDesk journalists are not allowed to purchase stock outright in DCG.
