Feb 2021 - Pantera Capital HubSpot Data Breach and Pantera Coin Fraud - $Unknown (United States)
"Since 2013, Pantera has invested in digital assets and blockchain companies, providing investors with the full spectrum of exposure to the space." "Pantera launched the first cryptocurrency fund in the U.S. when bitcoin was at $65 /BTC in 2013. The firm subsequently launched the first blockchain-focused venture fund. Pantera co-CIO Joey Krug co-founded Augur, one of the first decentralized applications built on Ethereum. In 2017, Pantera was the first to offer an early-stage token fund."
"Most individuals don’t understand the power of a CRM. At minimum, these tools allow companies to acquire, sort and manage incoming customers (and their data) in a way that provides the best user experience. At maximum, these tools are capable of an extreme degree of web monitoring and AI-based user segmentation and prediction."
"Multiple Web3 and crypto companies have been affected by a data breach at HubSpot, a marketing and sales platform that stores customer information."
"Crypto venture capital firm Pantera Capital said in February that its Hubspot account had been compromised, and followed up with an email to its clients on March 19."
"Pantera's HubSpot account was recently compromised. Any email regarding a "Pantera Coin" token sale is a scam. We'll follow up with more details when we resolve this issue."
"HubSpot said on Saturday (19 March) that it became aware of a compromised employee account the previous day. The company believes data was exported from around 30 of its clients, “all of whom have been notified”."
"The breach has rippled through the crypto industry: As of Monday, crypto lending platform BlockFi, bitcoin-purchasing automation platform Swan Bitcoin, bitcoin company NYDIG, peer-to-peer payments technology company Circle and cryptocurrency fund Pantera Capital (which was hit a month prior) had been affected."
"Decrypt(opens in new tab) published a letter that Pantera Capital, an American hedge fund that specializes in cryptocurrencies, sent out to its customers, which said "Pantera uses Hubspot as a client relationship management platform. The information that may have been accessed includes first and last names, email addresses, mailing addresses, phone numbers, and regulatory classifications,""
"Adam Healy, chief security officer at BlockFi, said that vendors like HubSpot who are “trusted with client information” are “subjected to a number of reviews.”"
"“However, even in those cases, vendors can make mistakes and as evidenced by Friday’s events have incidents that impact us and our clients,” Healy said in a statement sent to Blockworks."
"The investigation of the bad actor’s activity confirmed that this was a targeted attack focused on customers in the cryptocurrency industry. There was no evidence of suspicious activity within targeted customer accounts after March 18, 2022."
"While it is unclear what the attacker planned to do with this information, Coindesk reported that some users saw an uptick in phishing emails over the weekend, attempting to lure them into putting their passwords into a fake company website."
"[The] rogue employee working at HubSpot – used by more than 135,000 (and growing) customers to manage marketing campaigns and on-board new users – has been fired over a breach that zeroed in on the company’s cryptocurrency customers, the company confirmed on Friday."
"A full list of the affected clients has not been published, but [HubSpot] said it appeared to be a “targeted incident focused on customers in the cryptocurrency industry”."
"Since the incident, we have taken steps to enhance our security and to prevent a similar attack from occurring in the future. While our investigation has concluded and remediation completed, we remain committed to improving our security through regular assessments and testing."
"Hubspot says it's around 30 crypto companies in the hack. Fewer than 10 have divulged so far."
Further Analysis
Pantera Capital is an investment company in the United States offering investors a variety of investment products with exposure to bitcoin and other cryptocurrencies. They were reportedly among those companies affected by the Hubspot data breach. The issue for Pantera happened prior to February 17th, 2021, more than a year before most other firms suffered a similar Hubspot breach. Fraudsters used the information to contact customers and launch the Pantera Coin ICO, which raised 6.22646861 ETH (~$18k USD) with deposits continuing for days after the email. For a brief period of time, it even appears that the fraudsters were answering some company email to indicate the ICO was real, presumably via access gained through Hubspot.
Pantera issued a tweet at the time to notify customers, and subsequently issued a further email a month later when other large firms appear to have fallen victim to similar breaches. It seems unlikely that any funds will be recovered for users who sent their funds in to the ICO and received nothing back.
How Could This Have Been Prevented?
Privacy-conscious customers can set up separate email addresses for each service easily, and avoid providing their phone number when possible. Any received emails must be viewed with scrutiny. Interact with companies only through their official websites and confirm anything with the company directly if it promises a significant reward or threatens access to your funds. Platforms should put in place multi-signature access control on customer data, which requires the approval of multiple people to enable the mass download of data.
More Cryptocurrency Exchange Hacks/Scams/Frauds
TrustWallet Lost COCOS Failed ADA Transfer monsieurgil > > < < Coinseed Destroyed By SEC
Sources/Further Reading
HubSpot Data Breach Ripples Through Crytocurrency Industry | Threatpost (Jun 20)
Home | Pantera (Jul 14)
HubSpot hack leads to multiple Web3 and crypto company data breaches (Jun 26)
Information About HubSpot's March 18, 2022 Security Incident (Jun 26)
HubSpot's Statement Regarding March 18, 2022 Security Incident (Jul 20)
HubSpot Security Program (Jul 20)
@coryklippsten Twitter (Jul 20)
NYDIG, BlockFi, Pantera, Circle All ‘Targeted’ in HubSpot Data Breach (Jul 20)
@PanteraCapital Twitter (Jul 20)
HubSpot Hack Leads to Data Breaches at BlockFi, Swan Bitcoin, NYDIG and Circle (Jul 20)
@DavidGZeiler Twitter (Jul 20)
@coinforensics Twitter (Jul 20)
https://etherscan.io/address/0x8dab16c272f4d4076abe93672d8099ec03b0c583 (Jul 20)
https://coinmarketcap.com/currencies/ethereum/historical-data/ (Dec 21)
@GoingParabolic Twitter (Jul 20)
@davejevans Twitter (Jul 20)
@charlemhk Twitter (Jul 20)
@ubitquity_io Twitter (Jul 20)
https://etherscan.io/tx/0xd5b1232e5de1bd10938e0441e9e1d03d5d78ed30bab1b3af0a1cbcd3a4c32a3d (Jul 20)
 t.me/QuadrigaInitiative
|
 /r/QuadrigaInitiative
|
 @QuadrigaInit
|
 info@quadrigainitiative.com
|