CoinGecko, a cryptocurrency data aggregator, has confirmed a breach in the third-party email management platform GetResponse. This breach, which took place on June 5, allowed attackers to access the contact information of over 1.9 million CoinGecko users. The breach was a result of a compromised employee account, as stated in CoinGecko’s announcement on June 7.
The compromised data includes users’ names, email addresses, IP addresses, location of email opens, and other metadata such as sign-up dates and subscription plans. However, CoinGecko ensures that user accounts and passwords remain secure and uncompromised.
Despite the main email domain of CoinGecko not being compromised, the attackers were able to send a total of 23,723 phishing emails. Phishing attacks are attempts by hackers to steal sensitive information like crypto wallet private keys or trick investors into sending funds to fraudulent addresses.
To protect themselves from phishing emails, users are advised to verify the authenticity of emails and enable two-factor authentication on crypto platforms. Hakan Unal, a senior blockchain scientist at on-chain security firm Cyvers, emphasized the importance of these security measures.
Private key and data leaks continue to be the main cause of cryptocurrency-related hacks, with over 55% of hacked digital assets lost due to private key leaks in 2023. Mriganka Pattnaik, co-founder and CEO of Merkle Science, a crypto risk and intelligence platform, emphasized the significance of addressing private key leaks in order to enhance security in the crypto space.
In related news, a leaked celebrity price list for the Caitlyn Jenner meme coin ‘mastermind’ has caused a stir in the industry.