CoinGecko Confirms Data Breach Incident via GetResponse

CoinGecko acknowledges a recent data breach incident via its third-party email platform.

A green robot gecko examining a blackhole with green smoke coming out of it.
Created by Gabor Kovacs from DailyCoin
  • CoinGecko has acknowledged a recent security incident.
  • The incident emanated from CoinGeckoโ€™s third-party platform.
  • User information was compromised.

Crypto data aggregator CoinGecko announced Friday that it recently suffered a data breach through its third-party email platform.

The development comes after Tether CEO Paolo Ardoino warned on June 5 that a โ€œprominent vendorโ€ used by crypto companies to manage mailing lists might have been hacked. CoinGecko co-founder and COO Bobby Ong later claimed the attack was โ€œongoingโ€ but did not mention the compromised company.

CoinGecko Data Breach

According to the announcement, CoinGecko detected unusual activity on its third-party email marketing platform GetResponse on June 5.

Sponsored

โ€œAn attacker had compromised a GetResponse employeeโ€™s account, leading to a breach. We received confirmation from the GetResponse team on 6 June, 2024, at 11:58 AM UTC, that a data breach had occurred,โ€ the statement read.

CoinGecko said the attacker exported 1,916,596 contacts from its GetResponse account and sent phishing emails to 23,723 email addresses from another GetResponse clientโ€™s account (alj.associates).

While CoinGeckoโ€™s employee flagged the activity and helped the company to โ€œpromptly block further email delivery,โ€ the security incident compromised usersโ€™ personal information. This included names, IP addresses, location of email opens, and other metadata such as subscription plan and account sign-up date.

Noting that no phishing emails were sent from CoinGeckoโ€™s domain, the crypto data aggregator stated that its user accounts remain secure and that no passwords were compromised in the breach.

โ€œWe are actively investigating this situation with GetResponse and informing all affected users. Additionally, we are thoroughly reviewing our security procedures and will look to enhance our security protocols in collaboration with our vendors,โ€ CoinGecko said.

Per the statement, CoinGecko has directly emailed users affected by the breach.

Stay updated on DMM Bitcoinโ€™s recovery plan after a $300M exploit:
DMM Bitcoin Shares Recovery Plan Following $300M BTC Hack

Read this article to learn about the safety of your crypto extensions:
Are Your Crypto Extensions Safe? $1M Binance Hack Reveals Risks

This article is for information purposes only and should not be considered trading or investment advice. Nothing herein shall be construed as financial, legal, or tax advice. Trading forex, cryptocurrencies, and CFDs pose a considerable risk of loss.

Author
Brian Danga

Brian Danga is a crypto reporter at DailyCoin covering breaking news. Brian has minor holdings in Bitcoin and Ethereum.

Read more