Cryptocurrency data aggregator CoinGecko has confirmed a data breach of its third-party email platform GetResponse, exposing over 23,000 users to phishing emails.
This came following yesterday’s reports of a new wave of crypto airdrop scams, suspected to affect CoinGecko.
On June 7th, CoinGecko released an announcement confirming that GetResponse suffered a data breach on June 5th. It allowed attackers to export the contact information of over 1.9 million users.
CoinGecko confirmed a compromised employee email as the cause of the data breach. They said:
“An attacker had compromised a GetResponse employee’s account, leading to a breach. We received confirmation from the GetResponse team on 6 June 2024, at 11:58 AM UTC, that a data breach had occurred.”
The compromised data includes users’ names, email addresses, IP addresses, and email open locations. Metadata such as sign-up dates and subscription plans were also exposed. CoinGecko user accounts and passwords remain secure and uncompromised.
Despite CoinGecko’s primary email domain remaining uncompromised, the attacker was still able to send 23,723 phishing emails. CoinGecko confirmed:
“The attacker exported 1,916,596 contacts from CoinGecko’s GetResponse account and sent phishing emails to 23,723 emails from another GetResponse client’s account (alj.associates).”
Phishing is a scam where attackers deceive people into revealing sensitive information, like crypto wallet private keys.
Other phishing attacks, known as address poisoning scams, aim to trick investors into willingly sending funds to a fraudulent address that looks similar to addresses they previously interacted with.
In response, CoinGecko provided steps on how users can protect themselves from potential scams. They
Read more on cryptonews.com