CoinGecko reports data breach

-

CoinGecko has issued a warning to its users to be vigilant when opening emails after a security breach occurred via its third-party email platform.

Passwords are safe

Earlier last week, CoinGecko identified unusual activity on its email marketing platform, GetResponse, and the cryptocurrency data aggregator later confirmed that an attacker had used a GetResponse employee’s login credentials, likely with social engineering to access customers’ accounts.

This breach exposed user information, including names, email addresses, IP addresses, email opening locations, and metadata such as account sign-up dates and subscription plans.

CoinGecko reassured users that their accounts remain secure and passwords weren’t compromised.

Emails and data

The attacker managed to export nearly 2 million contacts from CoinGecko’s GetResponse account and used another GetResponse user’s account to send phishing emails to more, than 23,000 contacts.

Phishing, a method commonly used by fraudsters to obtain victims’ login credentials and hijack their accounts, remains a significant threat in the crypto sphere.

It’s essential for users to maintain a high level of skepticism, double-check the identity of the sender, and be aware of signs of fake websites to avoid falling victim to such scams.

CoinGecko has coordinated with GetResponse to halt further email deliveries but cautions users that they may still experience an increase in phishing or spam emails.

The challenge here is that these phishing emails appear to come from a credible source, making them seem legitimate at first glance.

No CoinGecko token

CoinGecko emphasized that any email claiming to offer token airdrops by CoinGecko or GeckoTerminal is unauthorized and sent by the attacker, as the company clarified that it doesn’t have any officially issued tokens.

CoinGecko is actively investigating the breach with GetResponse, informing affected users, and reviewing its security protocols to help prevent future incidents.

This breach highlights the threat of phishing attacks in the cryptocurrency space, where even a seemingly secure platform can be compromised through third-party vulnerabilities, or like now, after human interference.

Users are advised to stay alert and verify the authenticity of any unexpected communications related to their cryptocurrency accounts.

Have you read it yet? The tokenization of a Stradivarius violin

LATEST POSTS

Chinese FTX creditors fight back for the payout

The FTX story just got a spicy new chapter, and it’s got more twists than a mob movie plot. Picture this, over 300 Chinese creditors,...

Circle’s stock bounces back 14%, but why?

Circle’s CRCL stock took a textbook nosedive, dropping a brutal 42% from nearly $299 to $171.50 since late June. That kind of fall makes you...

Bitcoin’s supply shrinks, but big players buy $164M in BTC

The whales, and the institutional sharks are swimming in Bitcoin waters, and they’re gobbling up coins like it’s the last slice of pizza at the...

Russian Bitcoin mining sector is getting a legal update

Russia’s getting serious about its Bitcoin mining sector, and it ain’t just for show. The big wigs over at the Ministry of Energy, Digital Development,...

Most Popular

Guest posts