New Jersey-based BlockFi has confirmed a data breach incident through one of its third-party vendors, Hubspot. The BlockFi Proactive Violation Warning is intended to prevent the reuse of user data for fraudulent activities with bad intentions.
According to the announcement, on Friday, March 18, hackers gained access to BlockFi customer data that was stored on Hubspot, a customer relationship management platform:
Hubspot has confirmed that an unauthorized third party has gained access to some BlockFi customer data on their platform.
As an external provider of BlockFi, Hubspot stored user data such as names, email addresses, and phone numbers. Historically, attackers have used this information to carry out phishing attacks and gain access to accounts through user-entered passwords.
At the time of writing, BlockFi was supporting the Hubspot investigation to clarify the overall impact of the data breach. While the exact details of the data breach have yet to be identified or disclosed, BlockFi assured users, emphasizing that personal data, including passwords, government IDs, and social security numbers, “was not stored on Hubspot.”
In addition, BlockFi also confirmed that its internal system and client funds were not compromised, and that the breach is still limited to third-party provider Hubspot.
The company also recommended four ways to help users protect their online presence from intruders: careful password hygiene, two-factor authentication (2FA), trusted apps with a list of permissions, and vigilance against scammers.
Finally, BlockFi acknowledged that time is of the essence and is expediting its investigation to determine the extent of the breach:
“More information will be emailed to all affected customers in the coming days.”
Investors are advised to beware of all communications from the company, especially those that require an urgent request/change of personal information, including passwords and wallet addresses.
RELATED: Rare Bears Phishing Attack Hits $800,000 in NFTs
Friday 18: In March, the recently launched Rare Bears Non-Fungible Token (NFT) project was launched, resulting in the theft of about $800,000 in NFTs.