Updated · May 20, 2022
BlockFi and Swan Bitcoin Data Exposed by HubSpot Hack
Updated · Mar 23, 2022
A cyberattack on HubSpot targeted client data belonging to cryptocurrency-based companies BlockFi and Swan Bitcoin.
A Targeted Hack
A hacker gained access to BlockFi and Swan Bitcoin data stored on a CRM platform, both crypto companies have confirmed. The security breach took place on Friday on HubSpot, a third-party vendor to both firms.
HubSpot announced the hack on Saturday, blaming a “bad actor” for the breach. According to the provider’s statement, it involved a compromise on an employee account. It led to the loss of data from many of its clients.
“Our initial assessment suggests that data was exported from fewer than 30 HubSpot portals, all of whom have been notified. At this time we believed this to be a targeted incident focused on customers in the cryptocurrency industry.”
The company went on to reveal the measures it has taken, including blocking access to the affected profiles. In addition, it has shortened the scope of employee access to its customers’ accounts.
Sensitive Data Not Affected
In a Twitter statement, cryptocurrency exchange BlockFi sought to allay fears, confirming that its internal systems and client funds were not affected. It also added that the breach did not expose any sensitive customer data, as it does not store any on HubSpot.
Swan Bitcoin, a platform for buying Bitcoin, issued a more extensive statement. The company assured users of the safety of their funds, digital assets, and financial information.
It also threw more light on the data that was compromised by the hack:
- phone numbers
- email addresses
- company names
Daniel is an Economics grad who fell in love with tech. His love for books and reading pushed him into picking up the pen - and keyboard. Also a data analyst, he's taking that leap into data science and machine learning. When not writing or studying, chances are that you'll catch him watching football or face-deep in an epic fantasy novel.
Latest from Author
Your email address will not be published.