Pages:
Author

Topic: Coingecko suffer data breach - page 2. (Read 318 times)

copper member
Activity: 2198
Merit: 1837
🌀 Cosmic Casino
June 07, 2024, 05:28:30 PM
#9
After the CoinMarketCap fiasco, I am glad I didn't have any email or personal details with Coingecko. It was probably going to be more months of being bombarded with spam and phishing emails.
I learnt that with such sites, one has got to either use disposable email address or addresses that exclusively for crypto and shitcoin sites that can be cracked at any time.
hero member
Activity: 1554
Merit: 880
Notify wallet transaction @txnNotifierBot
June 07, 2024, 05:27:32 PM
#8
To be more precise, it was their email provider which was compromised.

Though IMO, the emails alone can serve well on phishing/scam attacks to crypto users hence can be attractive to perps. It's an old scam scheme but is still as popular as ever pretty much because there are always people falling for it.
Oh i see, so its another on the lists, first i knew ledger, trezor then this. I knew there are still others who have an issue of hacked due to their email providers. So ye, another set of spam emails should be expected from these coingecko users. As long people don't click links from unsolicited emails, they're good.
hero member
Activity: 2786
Merit: 902
yesssir! 🫡
June 07, 2024, 02:36:33 PM
#7
I wonder why attackers chose to attack coingecko. There's nothing that can be get there aside from usernames (login info) and few user emails. Well, they might discovered some loop hole of the security, but i still wondering the benefits gets from hacking the site. Not to mention, i doesn't have an account there.

To be more precise, it was their email provider which was compromised.

Though IMO, the emails alone can serve well on phishing/scam attacks to crypto users hence can be attractive to perps. It's an old scam scheme but is still as popular as ever pretty much because there are always people falling for it.

Looks like the perpetrators got a big slice of the pie as well

The attacker exported 1,916,596 contacts from CoinGecko’s GetResponse account and sent phishing emails to 23,723 emails from another GetResponse client’s account (alj.associates).
legendary
Activity: 2212
Merit: 7064
June 07, 2024, 12:19:27 PM
#6
They used third party GetResponse that was responsible for this, but it's important that account remains secure because no passwords were compromised during this attack on Goingecko.

I would suggest everyone to watch out and be careful with all email they receive in future on email address they used for Coingecko registration.
It's not a bad idea to use temp and unique alias emails for registration on services like this.
hero member
Activity: 1554
Merit: 880
Notify wallet transaction @txnNotifierBot
June 07, 2024, 12:18:10 PM
#5
I wonder why attackers chose to attack coingecko. There's nothing that can be get there aside from usernames (login info) and few user emails. Well, they might discovered some loop hole of the security, but i still wondering the benefits gets from hacking the site. Not to mention, i doesn't have an account there.
hero member
Activity: 714
Merit: 521
DGbet.fun - Crypto Sportsbook
June 07, 2024, 12:06:36 PM
#4
Anyone has an account on coingecko is affected on this data breach which was released on their announcement email today. The data breach was happened last June 5 and all user details are compromised.

It is better for us to be more sensitive and also remain careful on how we register on some of the crypto platforms we are, since some of them allow users to make use of their services without creating an account with them, i think that will be the best in other to maintain a good measure of privacy practice in other for us not to be tracked or encounter having serious issues like the one being mentioned here by some of the users, though i also never thought about creating an account on then since i uses their app and everything works perfectly fine like that.
hero member
Activity: 1400
Merit: 623
June 07, 2024, 08:58:10 AM
#3
I use both Coingecko and Coinmarketcap but not with emails. You can use this sites without email if you do not want to have portfolio on the site. I will prefer to have offline portfolio instead of online ones. I believe people's portfolio would have also been seen by the hackers. Coinmarketcap have been hacked before I think, this should not be surprising and it will not be the last.

I typically use this kind of website without any account but on this case I remember that created an account to support the project which I am heavily invested by adding the token on watchlist.

Also website like coingecko and coinmarketcap offers airdrop and other freebies for those users that has an account by doing simple task. These is the main feature which I probably the selling point on why will user create an account here instead of using it without any account login.
legendary
Activity: 1064
Merit: 1298
Lightning network is good with small amount of BTC
June 07, 2024, 08:15:25 AM
#2
I use both Coingecko and Coinmarketcap but not with emails. You can use this sites without email if you do not want to have portfolio on the site. I will prefer to have offline portfolio instead of online ones. I believe people's portfolio would have also been seen by the hackers. Coinmarketcap have been hacked before I think, this should not be surprising and it will not be the last.
hero member
Activity: 1400
Merit: 623
June 07, 2024, 08:12:01 AM
#1
Anyone has an account on coingecko is affected on this data breach which was released on their announcement email today. The data breach was happened last June 5 and all user details are compromised.

What Data was Compromised?

We have determined that your personal information was unfortunately compromised in this incident. This information may include:

Name (if provided during sign-up)
Email address
IP address and location of email opens
Other metadata such as account sign-up date, subscription plan


Expect the unexpected on your emails about potential scam mail since hacker might sell all the users email info to scammer and other shady services.
Pages:
Jump to: