Quadriga Initiative

Mar 2022 - Circle HubSpot Data Breach - $Unknown (United States)

"Circle is a global financial technology firm that’s at the center of digital currency innovation and open financial infrastructure. We bridge the traditional financial system and the world’s leading public blockchains to unlock growth for businesses and investors around the world."

"Most individuals don’t understand the power of a CRM. At minimum, these tools allow companies to acquire, sort and manage incoming customers (and their data) in a way that provides the best user experience. At maximum, these tools are capable of an extreme degree of web monitoring and AI-based user segmentation and prediction."

"Multiple Web3 and crypto companies have been affected by a data breach at HubSpot, a marketing and sales platform that stores customer information."

"On March 15, a bad actor conducted a social engineering attack against a HubSpot employee that captured the employee’s credentials and persuaded the employee to provide the necessary multi-factor authentication. Between March 15 and March 17, the bad actor conducted reconnaissance within HubSpot’s internal systems. On March 17 and March 18, the bad actor exported contact data and user data from certain HubSpot customer accounts via an internal support tool called just-in-time-access (or JITA)."

"HubSpot said on Saturday (19 March) that it became aware of a compromised employee account the previous day. The company believes data was exported from around 30 of its clients, “all of whom have been notified”."

"The breach has rippled through the crypto industry: As of Monday, crypto lending platform BlockFi, bitcoin-purchasing automation platform Swan Bitcoin, bitcoin company NYDIG, peer-to-peer payments technology company Circle and cryptocurrency fund Pantera Capital (which was hit a month prior) had been affected."

"Adam Healy, chief security officer at BlockFi, said that vendors like HubSpot who are “trusted with client information” are “subjected to a number of reviews.”"

"“However, even in those cases, vendors can make mistakes and as evidenced by Friday’s events have incidents that impact us and our clients,” Healy said in a statement sent to Blockworks."

"Circle, the financial services firm that issued the dollar-linked stablecoin, said in a statement to Blockworks that financial transaction data was not “impacted by the security incident.”"

"Circle declared in a recent statement that the breach of a HubSpot employee account resulted in bad actors obtaining the contact information. The hacked data concerns aspects of browsing activity and interest in the company's products and account manager's name (only when applicable) — but only of those users who opted in to receiving marketing communications from the stablecoin operator."

"According to an email distributed by Circle, HubSpot has “confirmed that an unauthorized bad actor accessed certain client data from several companies, including Circle, housed on their platform after a HubSpot employee account was compromised.”"

"“We have communicated with the affected parties and will follow up with them on any material developments as we continue to monitor and investigate the incident,” a Circle spokesperson told Blockworks."

"The investigation of the bad actor’s activity confirmed that this was a targeted attack focused on customers in the cryptocurrency industry. There was no evidence of suspicious activity within targeted customer accounts after March 18, 2022."

"While it is unclear what the attacker planned to do with this information, Coindesk reported that some users saw an uptick in phishing emails over the weekend, attempting to lure them into putting their passwords into a fake company website."

"Circle tells prospective users: “We are notifying you so that you can take actions to protect yourself. We encourage you to monitor your accounts on a regular basis, use strong passwords and remain vigilant against phishing attempts and other suspicious activity. Phishing may be done using email, phone calls, voicemail, or text messages. In each case, the goal is to lure you into revealing confidential information such as bank account numbers, credit card information, Social Security numbers or passwords.”"

"[The] rogue employee working at HubSpot – used by more than 135,000 (and growing) customers to manage marketing campaigns and on-board new users – has been fired over a breach that zeroed in on the company’s cryptocurrency customers, the company confirmed on Friday."

"A full list of the affected clients has not been published, but [HubSpot] said it appeared to be a “targeted incident focused on customers in the cryptocurrency industry”."

"Since the incident, we have taken steps to enhance our security and to prevent a similar attack from occurring in the future. While our investigation has concluded and remediation completed, we remain committed to improving our security through regular assessments and testing."

"Hubspot says it's around 30 crypto companies in the hack. Fewer than 10 have divulged so far."

Further Analysis

Circle, one of the most well-known companies and a key backer of the USDC stablecoin, was reportedly among the companies affected by the HubSpot data breach. Circle notified customers by email and also issued public statements. There have been no specific reports of Circle clients or customers being targeted subsequently.

How Could This Have Been Prevented?

Privacy-conscious customers can easily set up a separate email address for each service and avoid providing a phone number where possible. Treat every received email with scrutiny. Interact with companies only through their official websites, and confirm directly with the company any message that promises a significant reward or threatens access to your funds. Platforms should put multi-signature access control on customer data, so that a mass download of data requires the approval of multiple people.
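
One way a platform could enforce the multi-person approval described above, as an added example (not code from HubSpot or from the original page). The threshold, quorum size, expiry window, approver names and keys are assumptions, and HMAC stands in for a real per-approver signature.

```python
import hashlib
import hmac

BULK_THRESHOLD = 100   # assumed: larger exports need a quorum
QUORUM = 2             # assumed: distinct approvers required
APPROVAL_TTL = 900     # assumed: approvals are valid for 15 minutes

# Constructed approver keys; in practice each approver signs with their own
# hardware-backed credential and the service holds only verification material.
APPROVER_KEYS = {
    "alice": b"constructed-key-alice",
    "bob": b"constructed-key-bob",
    "carol": b"constructed-key-carol",
}


def request_digest(requester, account, record_count, created_at):
    """Bind an approval to one exact request so it cannot be replayed on another."""
    msg = f"{requester}|{account}|{record_count}|{created_at}".encode()
    return hashlib.sha256(msg).digest()


def sign_approval(approver, digest, approved_at):
    """What an approver's client would produce (HMAC stands in for a signature)."""
    payload = digest + str(approved_at).encode()
    return hmac.new(APPROVER_KEYS[approver], payload, hashlib.sha256).hexdigest()


def may_export(requester, account, record_count, created_at, approvals, now):
    """approvals: list of (approver, approved_at, signature) tuples."""
    if record_count <= BULK_THRESHOLD:
        return True  # small lookups follow the normal support path
    digest = request_digest(requester, account, record_count, created_at)
    valid = set()
    for approver, approved_at, sig in approvals:
        if approver == requester or approver not in APPROVER_KEYS:
            continue  # no self-approval, no unknown approvers
        if not 0 <= now - approved_at <= APPROVAL_TTL:
            continue  # stale or future-dated approval
        expected = sign_approval(approver, digest, approved_at)
        if hmac.compare_digest(expected, sig):
            valid.add(approver)  # set: duplicate approvals count once
    return len(valid) >= QUORUM
```

With this gate, a single compromised support account cannot complete a bulk export on its own: the request stalls until two other people have approved that exact request within the expiry window.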


Sources/Further Reading

HubSpot Data Breach Ripples Through Cryptocurrency Industry (Jun 20)
Circle | USDC, Payments & Treasury Infrastructure for Businesses (Jul 14)
Circle | USDC, Payments & Treasury Infrastructure for Business (Jul 14)
HubSpot hack leads to multiple Web3 and crypto company data breaches (Jun 26)
Information About HubSpot's March 18, 2022 Security Incident (Jun 26)
HubSpot's Statement Regarding March 18, 2022 Security Incident (Jul 20)
HubSpot Security Program (Jul 20)
@coryklippsten Twitter (Jul 20)
NYDIG, BlockFi, Pantera, Circle All ‘Targeted’ in HubSpot Data Breach (Jul 20)
https://www.crowdfundinsider.com/2022/03/188659-circle-reports-security-incident-information-breach-via-hubspot/ (Jul 20)
Circle Warns Its Users Of Potential Cyberattacks: Here's What To Expect - Benzinga (Jul 20)

