A recent cyberattack on customer relationship management (CRM) tool HubSpot led to data leaks at several cryptocurrency companies. BlockFi, Swan Bitcoin, NYDIG, Pantera Capitals, and Circle all reported security breaches, saying hackers managed to steal their customers’ data. However, funds and sensitive information like passwords were safe, and operations remained intact.
HubSpot said that almost 30 clients were affected, but the main target was customers in the crypto industry. The company stores users’ names, email addresses, and phone numbers on its servers. Cybercriminals use such data to launch phishing and ransomware attacks.
Crypto Firms the Real Target
On March 18, HubSpot announced it suffered a security breach within its network, affecting around 30 portals. The CRM company believed the attack “focused on customers in the cryptocurrency industry.” Crypto firms BlockFi and Swan admitted that the incident with the marketing vendor led to the exposure of customer data.
However, they said that hackers did not steal funds or sensitive information like passwords, adding that their networks remained safe and intact. NYDIG and Circle also reported leaks, according to Blockworks, while Pantera Capital’s HubSpot account was compromised in February.
All the mentioned cryptocurrency services use HubSpot as a third-party marketing vendor and CRM tool. The company stores users’ names, email addresses, phone numbers, and additional information but does not have access to sensitive data. Nonetheless, it is more than enough for threat actors to launch phishing campaigns.
In fact, several users said they received fake emails from the companies, in which scammers tried to lure them into giving away their passwords on a bogus, malicious site.
BlockFi Chief Security Officer Adam Healy told Blockworks that services responsible for client info like HubSpot are regularly audited. But despite all the reviews, mistakes can still happen, which leads to incidents like this one.
Ankr Chief Marketing and Business Development Officer Greg Gopman said that cyberattacks against third-party vendors are almost impossible to avoid. He added that had this happened to a traditional company; there’s a good chance that hackers would have stolen customers’ funds.
But the blockchain is way more secure, and their treasuries weren’t even touched. Decentralized infrastructure protects data.Greg Gopman, Ankr Chief Marketing and Business Development Officer
How Hackers Infiltrated HubSpot
In their statement, HubSpot said the cyberattack that hit their servers came after a “bad actor” compromised an employee account. Certain employees like account managers and customer support teams have access to user information to offer a better service. Once the company discovered the breach, it shut down the employee’s account and any other with customer access.
Furthermore, the CRM tool notified all the victims from the breach and launched an investigation, which is still ongoing. It also added that it’s only sharing the initial findings from the examination and that further information could surface and “cause the details above to change or evolve.”
We take the privacy of our customers and their data incredibly seriously.HubSpot
This isn’t the first cyberattack against cryptocurrency companies this year. Earlier in January, Crypto.com suffered a massive breach, resulting in user account theft and the loss of $35 million. And in February, reports emerged that hackers targeted crypto platform Wormhole and stole around $320 million in Ethereum.