NYDIG, BlockFi, Pantera, Circle All ‘Targeted’ in HubSpot Data Breach

HubSpot – which stores users’ names, email addresses and phone numbers – said that the breach was a “targeted incident focused on customers in the cryptocurrency industry”

article-image

Blockworks Exclusive art by axel rangel

share

key takeaways

  • Around 30 clients were impacted, but the full list has not been released yet from HubSpot, nor is the precise nature of the data known
  • Companies known to be affected said customer funds are still safe and secure

In an attempt to target large crypto stakeholders, hackers breached third-party marketing vendor HubSpot last week.

NYDIG, Pantera Capital, BlockFi, Circle and Swan Bitcoin were among those hit by the data breach, per outreach emails reviewed by Blockworks. Affected companies maintain customer funds are still safe and secure. User information was leaked to hackers, but passwords and other sensitive personal information were not. 

HubSpot — which stores users’ names, email addresses and phone numbers — said that the breach was a “targeted incident focused on customers in the cryptocurrency industry.”

One “bad actor,” according to a spokesperson from HubSpot, had “compromised a HubSpot employee account” to access the information. Around 30 clients were impacted, all of whom have been informed.

“We have terminated access for the compromised HubSpot employee account and removed the ability for other employees to take certain actions in customer accounts,” the Massachusetts-based company said in an email to Blockworks. “We take the privacy of our customers and their data incredibly seriously.”

Adam Healy, chief security officer at BlockFi, said that vendors like HubSpot who are “trusted with client information” are “subjected to a number of reviews.” 

“However, even in those cases, vendors can make mistakes and as evidenced by Friday’s events have incidents that impact us and our clients,” Healy said in a statement sent to Blockworks. 

Circle, the financial services firm that issued the dollar-linked stablecoin, said in a statement to Blockworks that financial transaction data was not “impacted by the security incident.” 

“We have communicated with the affected parties and will follow up with them on any material developments as we continue to monitor and investigate the incident,” a Circle spokesperson told Blockworks.

“Sensitive personal information, like Social Security numbers or government-issued identification, were not accessed as this information is not stored on HubSpot.”

Pantera Capital said that its HubSpot account had been compromised last month. The crypto VC firm sent out an email on March 19, assuring clients that their funds were still secure. 

Events like the HubSpot hack are “impossible to avoid” but pale in comparison to “traditional companies,” Greg Gopman, chief marketing and business development officer of Web3 infrastructure company Ankr, told Blockworks.

“There’s a good chance that a traditional company would have lost its customers’ funds in such a broad attack,” Gopman said. “But the blockchain is way more secure, and their treasuries weren’t even touched. Decentralized infrastructure protects data.”

The full extent of the HubSpot hack is still unclear, however, because the company hasn’t disclosed exactly how much data was leaked. The investigation is ongoing.


Get the news in your inbox. Explore Blockworks newsletters:

  • Blockworks Daily: The newsletter that helps thousands of investors understand crypto and the markets, by Byron Gilliam.
  • Empire: Start your morning with the top news and analysis to inform your day in crypto.
  • Forward Guidance: Reporting and analysis on the growing intersection of crypto and macroeconomics, policy and finance.
  • 0xResearch: Alpha directly in your inbox. Market highlights, data, degen trade ideas, governance updates, token performance and more.
  • Lightspeed: Built for Solana investors, developers and community members. The latest from one of crypto’s hottest networks.
  • The Drop: For crypto collectors and traders, covering apps, games, memes and more.
Tags

Upcoming Events

Javits Center North | 445 11th Ave

Tues - Thurs, March 18 - 20, 2025

Blockworks’ Digital Asset Summit (DAS) will feature conversations between the builders, allocators, and legislators who will shape the trajectory of the digital asset ecosystem in the US and abroad.

Industry City | Brooklyn, NY

TUES - THURS, JUNE 24 - 26, 2025

Permissionless IV serves as the definitive gathering for crypto’s technical founders, developers, and builders to come together and create the future.If you’re ready to shape the future of crypto, Permissionless IV is where it happens.

Old Billingsgate

Mon - Wed, October 13 - 15, 2025

Blockworks’ Digital Asset Summit (DAS) will feature conversations between the builders, allocators, and legislators who will shape the trajectory of the digital asset ecosystem in the US and abroad.

recent research

Research Report Templates (4).png

Research

Even as the most performant, widely used blockchain today, Solana is still far from perfect, prompting some teams to iterate upon some design choices while maintaining compatibility at the SVM execution layer. This report analyzes three emergent SVM chains (Eclipse, Atlas, and Fogo) to understand the motivations behind the technical architectures, as well as the current state and future outlook.

article-image

Fundamental investors are turning to token buybacks

article-image

A Glassnode report found that the accumulation range for bitcoin is ‘weak,’ indicating a decline in demand

article-image

CEO Bam Azizi said he’ll only be seeking stablecoin-exclusive funding rounds from now on

article-image

Sponsored

WalletConnect is set to deepen its role by integrating with emerging standards and expanding its utility across different onchain sectors

article-image

Zeta Markets has shipped testnet for Bullet, a low-latency “network extension,” the team told Lightspeed exclusively

article-image

Having passed Congress, the resolution will now head to Trump’s desk