CoinGecko confirms email provider data breach, over 23,000 phishing emails sent

CoinGecko confirms a data breach in its third-party email platform, GetResponse, exposing contact details of 1.9 million users.
CoinGecko confirms a data breach in its third-party email platform, GetResponse, exposing contact details of 1.9 million users.

Cryptocurrency data aggregator CoinGecko has confirmed a data breach suffered by its third-party email management platform GetResponse.

Following yesterday’s reports of a new wave of crypto airdrop scams, CoinGecko confirmed that GetResponse suffered a data breach on June 5, allowing attackers to export the contact information of over 1.9 million CoinGecko users.

The security breach occurred due to a compromised employee account, according to CoinGecko’s June 7 announcement:

“An attacker had compromised a GetResponse employee’s account, leading to a breach. We received confirmation from the GetResponse team on 6 June 2024, at 11:58 AM UTC, that a data breach had occurred.”

The compromised data include users’ names, email addresses, IP addresses, location of email opens and other metadata such as sign-up dates and subscription plans.

CoinGecko user accounts and passwords remain secure and uncompromised.

Related: Crypto hacks increase in 2024, but smart contracts are not to blame

Over 23,000 phishing emails sent so far

According to CoinGecko, while their main email domain wasn't compromised, the attacker still managed to send a total of 23,723 phishing emails.

“The attacker exported 1,916,596 contacts from CoinGecko’s GetResponse account and sent phishing emails to 23,723 emails from another GetResponse client’s account (alj.associates).”

Phishing attacks involve hackers aiming to steal sensitive information like crypto wallet private keys. Other phishing attacks, known as address poisoning scams, aim to trick investors into willingly sending funds to a fraudulent address that looks similar to addresses they previously interacted with.

To safeguard from phishing emails, users should double-check the email’s authenticity and ensure they have two-factor authentication (2FA) on crypto platforms, according to Hakan Unal, senior blockchain scientist at on-chain security firm Cyvers. He told Cointelegraph:

“The immediate concern is the risk posed to individuals who might receive these compromised emails. To stay safe, users should verify the authenticity of such emails and enable multifactor authentication on all crypto accounts.”
$3 billion stolen in hacks — Why are crypto crimes surging?. Source: Cointelegraph

Related: Binance reinstates crypto buys via Mastercard

Private key and data leaks remain the biggest reason behind crypto hacks

Private key and personal data leaks have become the biggest reason behind cryptocurrency-related hacks, as exploiters are targeting the lowest-hanging fruit instead of struggling to break into more complex protocols.

Over 55% of the hacked digital assets were lost to private key leaks during 2023, according to Merkle Science’s 2024 HackHub report.

Crypto total losses by vulnerabilities. Source: Merkle Science

Private key leaks remain the biggest vulnerability in the crypto space, according to Mriganka Pattnaik, co-founder and CEO of crypto risk and intelligence platform Merkle Science. He told Cointelegraph:

“The biggest security concern right now is the rapid increase in losses due to private key leaks… hackers may be looking for easier targets that require less technical knowledge to exploit, such as stealing private keys.”

Magazine: Caitlyn Jenner meme coin ‘mastermind’s’ celebrity price list leaked