CoinGecko reports data breach

-

CoinGecko has issued a warning to its users to be vigilant when opening emails after a security breach occurred via its third-party email platform.

Passwords are safe

Earlier last week, CoinGecko identified unusual activity on its email marketing platform, GetResponse, and the cryptocurrency data aggregator later confirmed that an attacker had used a GetResponse employee’s login credentials, likely with social engineering to access customers’ accounts.

This breach exposed user information, including names, email addresses, IP addresses, email opening locations, and metadata such as account sign-up dates and subscription plans.

CoinGecko reassured users that their accounts remain secure and passwords weren’t compromised.

Emails and data

The attacker managed to export nearly 2 million contacts from CoinGecko’s GetResponse account and used another GetResponse user’s account to send phishing emails to more, than 23,000 contacts.

Phishing, a method commonly used by fraudsters to obtain victims’ login credentials and hijack their accounts, remains a significant threat in the crypto sphere.

It’s essential for users to maintain a high level of skepticism, double-check the identity of the sender, and be aware of signs of fake websites to avoid falling victim to such scams.

CoinGecko has coordinated with GetResponse to halt further email deliveries but cautions users that they may still experience an increase in phishing or spam emails.

The challenge here is that these phishing emails appear to come from a credible source, making them seem legitimate at first glance.

No CoinGecko token

CoinGecko emphasized that any email claiming to offer token airdrops by CoinGecko or GeckoTerminal is unauthorized and sent by the attacker, as the company clarified that it doesn’t have any officially issued tokens.

CoinGecko is actively investigating the breach with GetResponse, informing affected users, and reviewing its security protocols to help prevent future incidents.

This breach highlights the threat of phishing attacks in the cryptocurrency space, where even a seemingly secure platform can be compromised through third-party vulnerabilities, or like now, after human interference.

Users are advised to stay alert and verify the authenticity of any unexpected communications related to their cryptocurrency accounts.

Have you read it yet? The tokenization of a Stradivarius violin


Disclosure:This article does not contain investment advice or recommendations. Every investment and trading move involves risk, and readers should conduct their own research when making a decision.

Kriptoworld.com accepts no liability for any errors in the articles or for any financial loss resulting from incorrect information.

LATEST POSTS

Trump considers a new government role, the crypto-czar

President-elect Donald Trump is reportedly mulling over the idea of appointing a Crypto-Czar to help shape U.S. policy on blockchain and digital assets. This move...

Chainlink teams up with Microsoft for Brazil’s CBDC pilot

Chainlink is collaborate in a pilot project for Brazil’s upcoming slavecoin, the central bank digital currency, or CBDC known as DREX. Teaming up with Microsoft,...

Supply shock: Bitcoin ETFs buying up 9,000 BTC daily while only 450 are mined

It looks like Bitcoin ETFs in the U.S. are on a serious buying spree, scooping up way more BTC than is actually being mined each...

BlackRock Bitcoin ETF options see $1.9 billion traded on launch day

Options contracts for BlackRock’s spot Bitcoin ETF, the iShares Bitcoin Trust ETF, kicked off with a bang, trading nearly $2 billion in total exposure on...

Most Popular

Guest posts