Crypto companies invest a lot in cybersecurity, but the bad news is that despite their efforts, hackers can still find their way in by attacking third-party vendors. An example of this is what just happened to Circle, BlockFi, Pantera Capital, and NYDIG as well as other major crypto firms have all revealed that they’ve experienced a hack regarding their customer data.
The companies informed their clients via an email that the marketing and sales platform named Hubspot was the one to inform them that their customer’s personal data had in fact been accessed by a hacker.
“Pantera uses Hubspot as a client relationship management platform. … The information that may have been accessed includes first and last names, email addresses, mailing addresses, phone numbers, and regulatory classifications,” Pantera Capital wrote.
Pantera also added that its “internal systems” weren’t seemingly affected by the incident and that the hacker wasn’t able to access any of the Social Security Numbers or government IDs the customers provided them.
Hubspot addressed the issue in a blog post, where it described the attack as a “targeted incident focused on customers in the cryptocurrency industry,” as well as stating a “bad factor” had compromised the account of an employee.
HubSpot elaborated, saying “data was exported from fewer than 30 HubSpot portals,” but did not provide a list of the clients’ whose profiles were compromised.
However, some of the affected companies have had their identities made known due to the fact that the firms alerted their customers, which is a common practice that serves as both a warning to the customers as well as a legal exposure reduction regarding incidents of this nature, the result of which could sometimes be a class action suit and others which result in fines from regulators such as the Federal Trade Commission.
As for the hack’s full extent, that isn’t quite clear at the moment, partly due to HubSpot not disclosing the amount of data that was stolen. However, given that BlockFi and Circle alone have millions of customers, it really could be possible that the hack was major in scale.
Regarding Circle, though, the company wrote that “customers’ funds, financial transaction data and know your customer (KYC) data were also not affected,” though they mentioned that clients’ contact information was stolen.
What also remains unclear is what the Hacker’s intentions are regarding the stolen data. In a large number of cases, hackers sell plundered customer data on the dark web forums, which is where criminals can and do purchase said information to either carry out further hacks or just to run phishing scams.
Regarding the HubSpot incidents, it’s not out of the realm of possibility that the hacker or other criminals could use information like email addresses and such to guess their passwords and subsequently steal their crypto.
The email sent by Circle to its customers referred to phishing as well, though they didn’t mention directly what motivated the attack at all.
Oren Falkowitz, the founder of Area 1, which is an anti-phishing service only recently purchased by Cloudflare, is quite confident that phishing was indeed the source of the incident.
“It’s obvious that the root cause of the cyber attack against HubSpot was phishing. Phishing attacks continue to be the root cause of 95% of cyberattacks,” said Falkowitz via email. “What’s so pernicious about these types of attacks, and the lack of accountability of holders of so much identity data, such as HubSpot, is that they initiate a cycle of more phishing, which is already being reported by HubSpot customers.”