HubSpot hacked, putting major crypto firms at risk

Representational image depecting cybersecurity protection
(Image credit: Shutterstock)

HubSpot suffered a cyberattack that saw data belonging to a number of high-profile cryptocurrency businesses taken, the company confirmed.

In a blog post (opens in new tab), HubSpot said that a bad actor compromised an account of one of its employees, and used it to target its customers in the cryptocurrency industry.

HubSpot claims data was exported from “fewer than 30 HubSpot portals,” and that the company notified all affected firms, terminated the account, and reworked its account privileges to make sure something like this doesn’t repeat.

TechRadar needs yo...

We're looking at how our readers use VPNs with different devices so we can improve our content and offer better advice. This survey shouldn't take more than 60 seconds of your time. Thank you for taking part.

>> Click here to start the survey in a new window (opens in new tab) <<

Pantera, Circle, BlockFi affected

Although HubSpot did not say which companies were affected, some media managed to discover a few names. Decrypt (opens in new tab) published a letter that Pantera Capital, an American hedge fund that specializes in cryptocurrencies, sent out to its customers, which said "Pantera uses Hubspot as a client relationship management platform. The information that may have been accessed includes first and last names, email addresses, mailing addresses, phone numbers, and regulatory classifications,"

Pantera added that its internal systems weren’t affected, and that the threat actor didn’t access social security numbers, or government IDs belonging to its customers.

Other companies, according to the same source, include Circle, BlockFi, and NYDIG. The full extent of the breach will probably be clear in the coming days and weeks, although Decrypt believes it could be “major”.

Circle told its customers that the threat actor took client contact information, but funds, financial transaction data, and Know Your Customer (KYC) data were not taken.

“While our investigation is ongoing, we wanted to share these initial findings even as we may learn additional facts through our investigation that cause the details above to change or evolve,” HubSpot concluded.

No one has yet claimed responsibility for the attack, and we don’t know what they’ll do with the data, or how exactly HubSpot's endpoints (opens in new tab) got compromised. Chances are, they’ll try to sell it on the black market, where other threat actors might use it for stage-two attacks.

Sead Fadilpašić

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.