CoinGecko Confirms Data Breach Incident via GetResponse

CoinGecko acknowledges a recent data breach incident via its third-party email platform.

A green robot gecko examining a blackhole with green smoke coming out of it.
Created by Gabor Kovacs from DailyCoin
  • CoinGecko has acknowledged a recent security incident.
  • The incident emanated from CoinGecko’s third-party platform.
  • User information was compromised.

Crypto data aggregator CoinGecko announced Friday that it recently suffered a data breach through its third-party email platform.

The development comes after Tether CEO Paolo Ardoino warned on June 5 that a “prominent vendor” used by crypto companies to manage mailing lists might have been hacked. CoinGecko co-founder and COO Bobby Ong later claimed the attack was “ongoing” but did not mention the compromised company.

CoinGecko Data Breach

According to the announcement, CoinGecko detected unusual activity on its third-party email marketing platform GetResponse on June 5.

Sponsored

“An attacker had compromised a GetResponse employee’s account, leading to a breach. We received confirmation from the GetResponse team on 6 June, 2024, at 11:58 AM UTC, that a data breach had occurred,” the statement read.

CoinGecko said the attacker exported 1,916,596 contacts from its GetResponse account and sent phishing emails to 23,723 email addresses from another GetResponse client’s account (alj.associates).

While CoinGecko’s employee flagged the activity and helped the company to “promptly block further email delivery,” the security incident compromised users’ personal information. This included names, IP addresses, location of email opens, and other metadata such as subscription plan and account sign-up date.

Noting that no phishing emails were sent from CoinGecko’s domain, the crypto data aggregator stated that its user accounts remain secure and that no passwords were compromised in the breach.

Sponsored

“We are actively investigating this situation with GetResponse and informing all affected users. Additionally, we are thoroughly reviewing our security procedures and will look to enhance our security protocols in collaboration with our vendors,” CoinGecko said.

Per the statement, CoinGecko has directly emailed users affected by the breach.

Stay updated on DMM Bitcoin’s recovery plan after a $300M exploit:
DMM Bitcoin Shares Recovery Plan Following $300M BTC Hack

Read this article to learn about the safety of your crypto extensions:
Are Your Crypto Extensions Safe? $1M Binance Hack Reveals Risks

This article is for information purposes only and should not be considered trading or investment advice. Nothing herein shall be construed as financial, legal, or tax advice. Trading forex, cryptocurrencies, and CFDs pose a considerable risk of loss.

Author
Brian Danga

Brian Danga, a Kenyan crypto reporter, is dedicated to delivering breaking news and updates from the cryptocurrency world. With a background as a Web3 writer and project manager, he recognizes the importance of unbiased reporting. Holding an LLB degree from the University of Nairobi, Brian's analytical skills contribute to his accurate news reporting. His personal interests include cooking, watching documentaries, reading, and engaging in intellectual discussions.