Circle, BlockFi, Pantera Capital, NYDIG and others suffered a data breach over the weekend through HubSpot, a vendor that stores users’ names, phone numbers and email addresses for marketing purposes.
The incident happened last Friday and was “[believed] to be a targeted incident focused on customers in the cryptocurrency industry,” according to a statement by HubSpot. A bad actor had reportedly hacked into a HubSpot employee account that had access to customer accounts.
An investigation by HubSpot suggested that about 30 corporate clients were affected by the hack, but the company did not disclose their names. Several affected companies notified customers of the data leak by email. They sought to reassure customers that while some user information was leaked, passwords and other internal data like IDs and Social Security numbers were not.
It is unclear what the attacker intended to do with the obtained contact information. Circle warned that the customer information could be used for phishing campaigns. Cryptocurrency's growing popularity has drawn increasing interest from criminals, and companies like Coinbase have warned customers to be wary of phishing attempts.
"It's obvious that the root cause of the cyber attack against HubSpot was phishing. Phishing attacks continue to be the root cause of 95% of cyberattacks," Oren Falkowitz, founder of anti-phishing service Area 1, said in an interview with Decrypt.
The leak comes as the crypto industry has placed an increasing emphasis on KYC compliance. With crypto companies legitimately asking for more information from customers, phishing attacks could trick customers into revealing sensitive financial data by suggesting KYC rules require divulging it.