CoinGecko Leaks Data Nearly 2 Million Customers, Crypto Ecosystem Is Threatened

JAKARTA - CoinGecko, aggregator of crypto asset data, faces a serious cybersecurity incident. On June 5, 2024, the company announced that it had become a victim of massive data leaks, affecting nearly 2 million customer data. This incident occurred through a third-party email platform, GetResponse, where the attacker managed to hack into employee accounts and access sensitive data of CoinGecko subscribers.

According to CoinSpeaker information, in this coordinated attack, the attacker managed to export 1,916,596 customer contacts and sent 23,723 phishing emails. Affected information includes usernames, email addresses, IP addresses, email opening locations, and other metadata such as account registration dates and subscription packages. Although user passwords remain secure, this leak raises serious concerns about privacy and data security in the crypto ecosystem.

Phishing Prevention And Awareness Steps

In response to this leak, CoinGecko has taken proactive steps by informing affected users and urging them to be careful with phishing efforts. The company emphasizes that attackers have targeted several web3 companies and warned customers of potential enhanced phishing emails. CoinGecko also insists that they do not have coins or tokens officially issued, so any claims about the airport token by CoinGecko orecko Terminal are fake and should be ignored.

This security incident highlights the vulnerability that exists in the Web3 industry and the increased risk potential as bullish sentiment resurfaced in the crypto market. Well-organized attackers are capable of poorly designed smart contracts and use crypto mixers to hide traces of stolen funds. As additional information, Crypto Mixers is a tool that allows users to mix their crypto asset funds with other user funds, thereby blurring the source and purpose of the fund. This incident reminds that even established companies like CoinGecko are not immune to cyberattacks.