CoinGecko reports data breach

-

CoinGecko has issued a warning to its users to be vigilant when opening emails after a security breach occurred via its third-party email platform.

Passwords are safe

Earlier last week, CoinGecko identified unusual activity on its email marketing platform, GetResponse, and the cryptocurrency data aggregator later confirmed that an attacker had used a GetResponse employee’s login credentials, likely with social engineering to access customers’ accounts.

This breach exposed user information, including names, email addresses, IP addresses, email opening locations, and metadata such as account sign-up dates and subscription plans.

CoinGecko reassured users that their accounts remain secure and passwords weren’t compromised.

Emails and data

The attacker managed to export nearly 2 million contacts from CoinGecko’s GetResponse account and used another GetResponse user’s account to send phishing emails to more, than 23,000 contacts.

Phishing, a method commonly used by fraudsters to obtain victims’ login credentials and hijack their accounts, remains a significant threat in the crypto sphere.

It’s essential for users to maintain a high level of skepticism, double-check the identity of the sender, and be aware of signs of fake websites to avoid falling victim to such scams.

CoinGecko has coordinated with GetResponse to halt further email deliveries but cautions users that they may still experience an increase in phishing or spam emails.

The challenge here is that these phishing emails appear to come from a credible source, making them seem legitimate at first glance.

No CoinGecko token

CoinGecko emphasized that any email claiming to offer token airdrops by CoinGecko or GeckoTerminal is unauthorized and sent by the attacker, as the company clarified that it doesn’t have any officially issued tokens.

CoinGecko is actively investigating the breach with GetResponse, informing affected users, and reviewing its security protocols to help prevent future incidents.

This breach highlights the threat of phishing attacks in the cryptocurrency space, where even a seemingly secure platform can be compromised through third-party vulnerabilities, or like now, after human interference.

Users are advised to stay alert and verify the authenticity of any unexpected communications related to their cryptocurrency accounts.

Have you read it yet? The tokenization of a Stradivarius violin


Disclosure:This article does not contain investment advice or recommendations. Every investment and trading move involves risk, and readers should conduct their own research when making a decision.

Kriptoworld.com accepts no liability for any errors in the articles or for any financial loss resulting from incorrect information.

LATEST POSTS

New pan-African payment system gains support, but questions remain

The new Pan-African Payments and Settlements System, or PAPSS is generating much hype in Africa, with hopes of formalizing $50 billion in informal trade and...

BlackRock Bitcoin ETF hits record with $4.1 billion daily trading volume

BlackRock’s Bitcoin ETF just had its biggest trading day ever, and it’s all thanks to Donald Trump’s victory in the presidential election. A record-breaking day On November...

DOGE rises double digit

Dogecoin is on the move again, and it surged past the $0.180 mark against the US Dollar, and if it can break through the $0.220...

Crypto big dogs assemble!

What do Anchorage Digital, Robinhood, Galaxy Digital, Bullish, Kraken, Nuvei, and Paxos have in common? They’re teaming up to launch a new stablecoin called the...

Most Popular

Guest posts