Cryptocurrency data aggregator CoinGecko confirmed a data breach on the third-party email management platform GetResponse. On June 6, following reports of a new wave of crypto airdrop scams, CoinGecko confirmed that GetResponse had suffered a data breach on June 5, allowing attackers to export the contact information of over 1.9 million CoinGecko users.
CoinGecko’s Breach Statement
CoinGecko’s announcement on June 7 stated that the security breach occurred due to a compromised employee account:
“An attacker compromised a GetResponse employee’s account, leading to the breach. We received confirmation from the GetResponse team on June 6 that a data breach had occurred.”
The compromised data includes users’ names, email addresses, IP addresses, locations of opened emails, registration dates, and other metadata such as subscription plans. According to CoinGecko, although the main email domain was not compromised, the attacker managed to send a total of 23,723 phishing emails.
“The attacker exported 1,916,596 individuals from CoinGecko’s GetResponse account and sent phishing emails to 23,723 emails from another GetResponse customer’s account.”
Phishing attacks involve hackers aiming to steal sensitive information such as crypto wallet private keys. Other phishing attacks, known as address poisoning scams, aim to trick investors into willingly sending funds to a fake address resembling one they previously interacted with.
Security Issues in the Blockchain Field
According to Hakan Ünal, a senior blockchain scientist at blockchain security firm Cyvers, users should double-check the authenticity of emails and ensure they have two-factor authentication (2FA) on crypto platforms to protect against phishing emails. Ünal stated:
“The most immediate concern is the risk faced by individuals who may receive these compromised emails. To stay safe, users need to verify the authenticity of such emails and enable multi-factor authentication on all crypto accounts.”
Private key and personal data leaks have become the primary reason behind cryptocurrency-related attacks, as exploiters target the lowest-hanging fruit instead of infiltrating more complex protocols. According to Merkle Science’s 2024 HackHub report, over 55% of digital assets compromised in 2023 were lost due to private key leaks.
