CoinGecko confirms data breach from third-party email platform
CoinGecko reassures users after breach; no passwords compromised.
Share this article
Independent crypto data aggregator CoinGecko has confirmed that it experienced a data breach on June 5, 2024, through its third-party email platform, GetResponse.
The company has provided a transparent account of the incident, detailing the steps taken to address the issue and advising users on how to protect themselves.
The data breach occurred when an attacker compromised a GetResponse employee’s account, allowing them to export 1,916,596 contacts from CoinGecko’s GetResponse account. The attacker then sent phishing emails to 23,723 emails from another GetResponse client’s account (alj.associates). CoinGecko’s security team detected the unusual activity and worked with GetResponse to block further email delivery.
Crypto Briefing previously reported on June 5 that several crypto firms are being targeted by a potential email vendor breach, based on a public disclosure from Tether CEO Paolo Ardoino. CoinGecko co-founder and COO Bobby Ong corroborated the disclosure and said that email blasts of fake token launches were being sent to mailing lists connected to crypto firms. Ong also went on to advise the crypto community to exercise caution when engaging with crypto newsletters.
Details of the breach
Personal information compromised in the incident included users’ names (if provided during sign-up), email addresses, IP addresses, locations of email opens, and other metadata such as account sign-up dates and subscription plans. However, CoinGecko user accounts remain secure, and no passwords were compromised.
CoinGecko has directly notified affected users via email and is actively investigating the situation with GetResponse. The company is also reviewing its security procedures and aims to enhance its security protocols in collaboration with its vendors.
To protect themselves, users are advised to remain vigilant and exercise caution when opening emails, as there may be an increase in phishing or spam emails. CoinGecko has emphasized that it is not the only crypto company impacted by this organized, targeted attack.
Users should be cautious of emails from unfamiliar or misleading domains, avoid clicking on links or downloading attachments from unsolicited sources, and be wary of emails claiming to offer token airdrops. CoinGecko has clarified that any email claiming to offer token airdrops by CoinGecko or GeckoTerminal is unauthorized and sent by the attacker, as the company does not have any officially issued coins or tokens.
Share this article