BlockFi confirms unauthorized access to client data hosted on Hubspot

Published at: March 19, 2022

New Jersey-based crypto financial institution BlockFi confirmed a data breach incident via one of its third-party vendors, Hubspot. BlockFi’s proactive warning about the breach aims to deter the intentions of bad actors in repurposing the user data for fraudulent activities.

According to the announcement, the hackers gained access to BlockFi’s client data on Friday, Mar. 18, that were stored on Hubspot, a client relationship management platform:

“Hubspot has confirmed that an unauthorized third-party gained access to certain BlockFi client data housed on their platform.”

As a third-party vendor for BlockFi, Hubspot stored user data such as names, email addresses and phone numbers. Historically, bad actors have used such information for conducting phishing attacks and gaining access to accounts through user-provided passwords.

Regarding recent third-party data incident: pic.twitter.com/50z7IrQ1za

— BlockFi (@BlockFi) March 19, 2022

At the time of writing, BlockFi is supporting Hubspot’s investigation to gain clarity on the overall impact of the data breach. While the exact details of the breached data are yet to be identified and revealed, BlockFi reassured users by highlighting that personal data — including passwords, government-issued IDs and social security numbers — “were never stored on Hubspot.”

In addition, BlockFi has also confirmed that its internal system and client funds were not accessed and that the breach remains limited to the third-party vendor, Hubspot. 

The company further recommended four methods to help users protect their online presence from bad actors — good password hygiene, two-factor authentication (2FA), allowlisting trusted applications and vigilance against scammers.

On an end note, BlockFi acknowledged that time is of the essence and are expediting their investigations to identify the extent of the breach:

“Additional information will be emailed to all impacted clients in the coming days.”

Investors are advised to be wary of all company communication, especially that demand urgency in requesting/changing personal details including passwords and wallet addresses.

Related: Rare Bears Discord phishing attack nabs $800K in NFTs

On Friday, Mar. 18, the recently launched nonfungible token (NFT) project Rare Bears was attacked, resulting in a theft of nearly $800,000 in NFTs.

Warning @BearsRare Discord has unfortunately been compromised. Please DO NOT click any links, connect your wallet and block all incoming DMs in our discord. Our team are working on the situation as we speak

— Rare Bears (@BearsRare) March 17, 2022

As Cointelegraph reported, the attacked was conducted by a hacker who posted a phishing link in the project‘s Discord channel, and eventually stole 179 NFTs.

Tags
Blockchain
Business
Investigation
Email
Hackers
Phishing
Data
Related Posts
CoinMarketCap hack reportedly leaks 3.1 million user email addresses
CoinMarketCap, a price-tracking website for cryptocurrencies, has reportedly fallen victim to a hack that leaked 3.1 million (3,117,548) user email addresses. The information came into light after the hacked email addresses were found to be traded and sold online on various hacking forums, and revealed by Have I Been Pwned, a website dedicated to tracking hacks and compromised online accounts. CoinMarketCap, a subsidiary of Binance cryptocurrency exchange, confirmed that the list of leaked user accounts matched its userbase: “CoinMarketCap has become aware that batches of data have shown up online purporting to be a list of user accounts. While the …
Blockchain / Oct. 23, 2021
MetaMask issues scam alert as NameCheap hacker sends unauthorized emails
Popular crypto wallet provider MetaMask warned investors against ongoing phishing attempts by scammers attempting to contact users through NameCheap’s third-party upstream system for emails. On the evening of Feb. 12, web hosting company NameCheap detected the misuse of one of its third-party services for sending some unauthorized emails — which directly targeted MetaMask users. Namecheap described the incident as an "email gateway issue." ⚠️MetaMask does not collect KYC info and will never email you about your account! Do not enter your Secret Recovery Phrase on a website EVER. If you got an email today from MetaMask or Namecheap or anyone …
Blockchain / Feb. 13, 2023
YouTube channels hacked and rebranded for live-streaming crypto scams
A new report shared by Google’s Threat Analysis Group (TAG) highlights an ongoing phishing campaign against YouTube creators, typically resulting in the compromise and sale of channels for broadcasting cryptocurrency scams. The TAG attributes the attacks to a group of hackers recruited in a Russian-speaking forum that hacks the creator’s channel by offering fake collaboration opportunities. Once hijacked, the YouTube channels are either sold to the highest bidder or used to broadcast cryptocurrency scams: “A large number of hijacked channels were rebranded for cryptocurrency scam live-streaming. On account-trading markets, hijacked channels ranged from $3 USD to $4,000 USD depending on …
Bitcoin / Oct. 24, 2021
Bent Finance confirms pool exploit, advises investors to withdraw funds
Staking and farming platform Bent Finance joins the list to become the sixth crypto establishment to get hacked in December. The acknowledgment of the attack was followed by requesting investors to withdraw their pool funds and disabling the reward claims on the compromised platform. Bent Finance first realized the exploit on Monday at roughly 8:55 PM EST, a timeline when the company reported no loss of funds. However, the community suspected a rug-pull event when blockchain investigator PeckShield allegedly located the source of the hack transactions. We have located the hack tx, which interestingly is sent from the Bent Finance: …
Blockchain / Dec. 21, 2021
Binance and Huobi freeze $1.4M in crypto linked to North Korean hackers
Cryptocurrency exchanges Binance and Huobi have again frozen accounts linked to the $100 million Harmony Horizon bridge attack on Jun. 24, 2022. Around $1.4 million worth of crypto frozen by the trading platforms came from accounts linked to the notorious Lazarus Group operating out of North Korea. The investigation was carried out by blockchain analytics firm Elliptic, according to a report shared by the firm on Feb. 14. However, the firm didn’t state what coins or tokens were frozen. Exchanges @binance and @HuobiGlobal today froze accounts containing $1.4 million stolen by North Korea’s Lazarus Group. This was made possible thanks …
Blockchain / Feb. 15, 2023