Data Breach
CoinGecko, a cryptocurrency data aggregator, has reported a data breach involving its third-party email platform, GetResponse. On June 5th, an attacker accessed customer accounts using stolen employee credentials.
Exposed Data
The breach exposed user data including:
- Names
- Email addresses
- IP addresses
- Email open locations
- Account sign-up dates
- Subscription plans
Phishing Emails
The attacker exported over 1.9 million contacts and used another GetResponse account to send phishing emails to 23,723 users. CoinGecko warns that these emails may offer token airdrops, but they are unauthorized and should be ignored.
No Password Compromise
CoinGecko emphasizes that user accounts remain secure and passwords were not compromised.
Response
CoinGecko has blocked additional email deliveries and is investigating the situation with GetResponse. Affected users are being notified, and security procedures are being reviewed.
Caution
CoinGecko advises users to be cautious when opening emails and to avoid clicking on suspicious links or attachments. Any emails claiming to offer CoinGecko or GeckoTerminal tokens are fraudulent.
