NYDIG, BlockFi, Pantera, Circle All ‘Targeted’ in HubSpot Data Breach

HubSpot – which stores users’ names, email addresses and phone numbers – said that the breach was a “targeted incident focused on customers in the cryptocurrency industry”

article-image

Blockworks Exclusive art by axel rangel

share

key takeaways

  • Around 30 clients were impacted, but the full list has not been released yet from HubSpot, nor is the precise nature of the data known
  • Companies known to be affected said customer funds are still safe and secure

In an attempt to target large crypto stakeholders, hackers breached third-party marketing vendor HubSpot last week.

NYDIG, Pantera Capital, BlockFi, Circle and Swan Bitcoin were among those hit by the data breach, per outreach emails reviewed by Blockworks. Affected companies maintain customer funds are still safe and secure. User information was leaked to hackers, but passwords and other sensitive personal information were not. 

HubSpot — which stores users’ names, email addresses and phone numbers — said that the breach was a “targeted incident focused on customers in the cryptocurrency industry.”

One “bad actor,” according to a spokesperson from HubSpot, had “compromised a HubSpot employee account” to access the information. Around 30 clients were impacted, all of whom have been informed.

“We have terminated access for the compromised HubSpot employee account and removed the ability for other employees to take certain actions in customer accounts,” the Massachusetts-based company said in an email to Blockworks. “We take the privacy of our customers and their data incredibly seriously.”

Adam Healy, chief security officer at BlockFi, said that vendors like HubSpot who are “trusted with client information” are “subjected to a number of reviews.” 

“However, even in those cases, vendors can make mistakes and as evidenced by Friday’s events have incidents that impact us and our clients,” Healy said in a statement sent to Blockworks. 

Circle, the financial services firm that issued the dollar-linked stablecoin, said in a statement to Blockworks that financial transaction data was not “impacted by the security incident.” 

“We have communicated with the affected parties and will follow up with them on any material developments as we continue to monitor and investigate the incident,” a Circle spokesperson told Blockworks.

“Sensitive personal information, like Social Security numbers or government-issued identification, were not accessed as this information is not stored on HubSpot.”

Pantera Capital said that its HubSpot account had been compromised last month. The crypto VC firm sent out an email on March 19, assuring clients that their funds were still secure. 

Events like the HubSpot hack are “impossible to avoid” but pale in comparison to “traditional companies,” Greg Gopman, chief marketing and business development officer of Web3 infrastructure company Ankr, told Blockworks.

“There’s a good chance that a traditional company would have lost its customers’ funds in such a broad attack,” Gopman said. “But the blockchain is way more secure, and their treasuries weren’t even touched. Decentralized infrastructure protects data.”

The full extent of the HubSpot hack is still unclear, however, because the company hasn’t disclosed exactly how much data was leaked. The investigation is ongoing.


Don’t miss the next big story – join our free daily newsletter.

Tags

Upcoming Events

HYATT REGENCY SALT LAKE CITY

TUES, OCT. 8, 2024

Guided by the expertise of Blockworks Research Analysts team, this one day event will feature senior leaders, entrepreneurs, and developers from across the crypto industry. Attendees will have the opportunity to participate in an immersive experience to explore the latest trends, […]

Salt Lake City, UT

WED - FRI, OCTOBER 9 - 11, 2024

Pack your bags, anon — we’re heading west! Join us in the beautiful Salt Lake City for the third installment of Permissionless. Come for the alpha, stay for the fresh air. Permissionless III promises unforgettable panels, killer networking opportunities, and mountains […]

recent research

hivemapper.jpeg

Research

We believe crypto market participants overlook Hivemapper’s fundamental potential due to a poor understanding of both the niche map data market and Hivemapper’s positioning relative to incumbents. Hivemapper’s token model catalyzes both a cost and product advantage via unmatched map freshness and near real-time accuracy, which is its wedge into a market characterized by stale data and high data collection costs. Its current and potential future product suite may represent one of the strongest possibilities for PMF in crypto today.

article-image

The Department of Justice and Commodity Futures Trading Commission announced back-to-back lawsuits against KuCoin Tuesday

article-image

Judge Failla found that Coinbase didn’t operate as an unregistered broker in offering its wallet service

article-image

A fund by Laser Digital offers investors exposure to the Polygon network, while a new 21Shares ETP focuses on staking rewards from Toncoin

article-image

Sponsored

The TRON network’s integration into Dune brings a wealth of data and insights to the fingertips of users

article-image

A BTC futures fund offered by Hashdex and Tidal Investments has gotten regulatory clearance to hold bitcoin directly

article-image

At launch, Chain Signatures will be compatible with Bitcoin, Ethereum and Cosmos network chains, as well as DogeCoin and XRP Ledger