Data Breach at BlockFi, Swan Bitcoin, NYDIG, and Circle as a Result of a HubSpot Hack

HubSpot, a popular marketing and sales platform, discovered on March 18th that a bad actor had hacked into a HubSpot employee account. While the HubSpot investigation is still ongoing and further information is being gathered, preliminary findings indicate that data was exported from fewer than 30 HubSpot portals, all of which have been contacted. HubSpot believes that this is a targeted attack aimed at customers in the cryptocurrency sector at this time.

Data was obtained from fewer than 30 portals according to HubSpot, but the company didn’t specify which accounts were hacked.

Cryptocurrency companies spend a lot of money on cybersecurity, but third-party vendors might still be targeted by hackers. Circle, BlockFi, Pantera Capital, NYDIG, and other big crypto businesses said their user data had been hacked over the weekend.

HubSpot alerted the companies that a hacker had acquired access to their customers personal data, according to emails sent to clients.

HubSpot is Pantera’s client relationship management platform. According to Pantera Capital, the information that may have been accessed includes first and last names, email addresses, mailing addresses, phone numbers, and regulatory classifications.

Pantera further stated that the incident had no impact on its “internal systems,” and that the hacker did not gain access to any Social Security numbers or government IDs provided by clients.

Customers’ funds, financial transaction data, and know your customer (KYC) data were not compromised in the instance of Circle, but clients contact information was stolen, according to the company.

The attack was described by HubSpot as a targeted incident aimed at customers in the cryptocurrency business, with a “bad actor” gaining access to an employee’s account.

The identities of some of the affected companies have instead been revealed as a result of the companies themselves notifying their customers, which is a common practise intended to both warn customers and reduce legal exposure from such incidents, which can result in class action lawsuits and fines from regulators such as the Federal Trade Commission.

Because HubSpot hasn’t acknowledged how much data was stolen, the full scope of the incident is still unknown. However, given the fact that companies like BlockFi and Circle have millions of consumers, the attack might have been significant.

Share This Post:

Facebook
Twitter
LinkedIn
Pinterest
Email
WhatsApp
Picture of Arjun Gopireddy
Arjun Gopireddy
Arjun is an Information Security Specialist, and his main role is to support our clients by identifying and advising on mitigating information security risks. Holding a Master’s degree in Cyber Security (UK) and Engineering Management (USA) his knowledge and skills are shared with our clients. Outside of work Arjun likes watching movies, travelling, playing cricket, football and doing adventurous things such as sky diving. He is the biggest fan of Yuvraj Singh – a former Indian international cricketer.
What our clients say:
Subscribe to our newsletter

Sign up to receive updates, promotions, and sneak peaks of upcoming products. Plus 20% off your next order.

Promotion nulla vitae elit libero a pharetra augue
Subscribe to our newsletter

Sign up to receive updates, promotions, and sneak peaks of upcoming products. Plus 20% off your next order.

Promotion nulla vitae elit libero a pharetra augue
Subscribe to our newsletter

Sign up to receive updates, promotions, and sneak peaks of upcoming products. Plus 20% off your next order.

Promotion nulla vitae elit libero a pharetra augue