BlockFi confirms illegal access to Hubspot-hosted client data.
BlockFi, a crypto-financial institution based in New Jersey, reported a data breach incident through one of its third-party providers, Hubspot. BlockFi’s proactive breach notification aims to deter malicious actors from repurposing user data for fraudulent purposes.
According to the tweet, the hackers got access to BlockFi’s client data housed on Hubspot, a client relationship management platform, on Friday, March 18. Hubspot kept user data such as names, email addresses, and phone numbers as a third-party provider for BlockFi. Historically, bad actors have exploited such information to launch phishing attempts and acquire access to accounts using user-supplied passwords.
The firm is assisting Hubspot’s investigation in order to determine the entire impact of the data breach. While the specifics of the compromised data have yet to be uncovered and released, BlockFi reassured consumers by emphasizing that personal data, such as passwords, government-issued IDs, and social security numbers, “were never saved on Hubspot.”
Furthermore, they have confirmed that neither its internal system nor client funds were accessed and that the compromise was limited to the third-party vendor, Hubspot. The business also advised customers to practice excellent password hygiene, two-factor authentication (2FA), allow listing trusted programs, and be wary of scammers.
Finally, they admitted that time is of the essence and is expediting their investigations to determine the scope of the vulnerability. Investors are cautioned to be aware of any firm communication, particularly those that demand immediate action in requesting/changing personal information like passwords and wallet addresses.
DISCLAIMER: The Information on this website is provided as general market commentary and does not constitute investment advice. We encourage you to do your own research before investing.
Join CoinCu Telegram to keep track of news: https://t.me/coincunews