Cryptocurrency data aggregator CoinGecko has announced a data breach involving its third-party email management platform, GetResponse, which compromised the information of over 1.9 million users.
Details of the Breach
On June 5, an attacker gained access to a GetResponse employee’s account, allowing the export of CoinGecko users’ contact information. CoinGecko confirmed the breach on June 7, explaining that the compromised data includes names, email addresses, IP addresses, email open locations, and metadata such as sign-up dates and subscription plans.
Despite the breach, CoinGecko reassured users that their accounts and passwords remain secure.
Phishing Emails Sent
The attacker used the compromised data to send 23,723 phishing emails from another GetResponse client’s account, alj.associates. These phishing attacks aim to steal sensitive information like crypto wallet private keys or trick users into sending funds to fraudulent addresses.
Safety Measures
CoinGecko urges users to verify the authenticity of emails and enable two-factor authentication (2FA) on all crypto platforms to safeguard against phishing attempts. Hakan Unal, senior blockchain scientist at Cyvers, emphasized the importance of these precautions, noting the immediate risk to individuals who might receive these compromised emails.
Also Read: Google Ads Exploited by Scammers to Promote Phishing Crypto Site
Rising Crypto Crimes
The incident highlights a broader trend of increasing crypto-related crimes. In 2023, over 55% of hacked digital assets were lost due to private key leaks, according to Merkle Science’s 2024 HackHub report. Private key and data leaks are now the primary vulnerabilities exploited by hackers, as they target easier and less technically challenging assets.
Mriganka Pattnaik, co-founder and CEO of Merkle Science, noted, “The biggest security concern right now is the rapid increase in losses due to private key leaks… hackers may be looking for easier targets that require less technical knowledge to exploit, such as stealing private keys.”
