Hubspot maintained user data such as names, email addresses, and phone numbers as a third-party provider for BlockFi, which has been utilized in the past for phishing attempts.
BlockFi, a crypto-financial institution situated in New Jersey, reported a data breach via Hubspot, one of its third-party providers. BlockFi’s proactive breach notification is intended to dissuade unscrupulous actors from repurposing user data for nefarious purposes.
The hackers got access to BlockFi’s client data, which was kept on Hubspot, a client relationship management platform, according to the announcement:
“An unauthorised third-party obtained access to certain BlockFi client data stored on Hubspot’s platform,” according to Hubspot.
Hubspot kept user data such as names, email addresses, and phone numbers as a third-party provider for BlockFi. Bad actors have previously utilized this information to carry out phishing attacks and obtain access to accounts using user-provided passwords.
BlockFi is assisting Hubspot’s investigation into the overall impact of the data breach at the time of writing. While the specific circumstances of the data breach are yet unknown, BlockFi reassured users by stating that personal information such as passwords, government-issued IDs, and social security numbers “were never saved on Hubspot.”
BlockFi also verified that neither its internal systems nor client funds were hacked and that the intrusion was limited to Hubspot, a third-party partner.
Good password hygiene, two-factor authentication (2FA), allowing listing trusted programs, and vigilance against scammers are among the four techniques recommended by the business to assist customers to protect their online presence from malicious actors.
Finally, BlockFi admitted that time is of the essence and that they are moving quickly to determine the scope of the breach:
“In the next days, additional information will be emailed to all impacted clients.”
Investors should be careful of any firm communication that demands immediate action in requesting/changing personal information, such as passwords and wallet addresses.
Also Read: Another Scam!! Phishing Attack in Rare Bears Discord Nabs About $800K in NFTs: Cryptopia News Today
Join our Telegram Channel to get the best notification regarding Pricing Prediction, Trading Analysis, News, Blogs, and interviews.
