What The HubSpot Bitcoin Company Data Breach Means For You (It’s Not Good)

What The HubSpot Bitcoin Company Data Breach Means For You (It’s Not Good)
ôîòî ïîêàçàíî ñ : bitcoinmagazine.com

2022-3-23 22:07

After CRM data platform HubSpot suffered a data breach targeting Bitcoin company data, customers are wondering if they’re at risk.

You’ve undoubtedly seen the recent news of the HubSpot data breach targeting Bitcoin and cryptocurrency companies and are likely wondering what it all means. While this is not the first and will not be the last data breach in this industry, customer relationship manager (CRM) data leaks pose a severe and unique threat that you, as a user and Bitcoiner, must be aware of.

As someone who has worked deeply as a HubSpot super admin, designing internal systems and managing sales and marketing teams using these tools for over seven years, I want to debrief you on what the current status of the breach is as I see it, and on what this means for you as a customer in this space and what you can do about it.

Most individuals don’t understand the power of a CRM. At minimum, these tools allow companies to acquire, sort and manage incoming customers (and their data) in a way that provides the best user experience. At maximum, these tools are capable of an extreme degree of web monitoring and AI-based user segmentation and prediction.

While HubSpot has already published a rundown of what happened during the leak here, I’d like to explain what this means from my perspective as a HubSpot Super Admin, and for someone whose data is potentially in one of the approximately 30 compromised databases.

What Happened In The HubSpot Data Breach And What Data Might Be CompromisedHubSpot has a level of access called “super admin” on both the internal and external sides of its platformSomeone internal to HubSpot, with super admin access, had their account compromisedSuper Admin access internally allows someone to hop between company accounts and export contact lists (and potentially all associated CRM data)The unauthorized user exported contact lists and assorted information belonging to bitcoin and cryptocurrency companies, including NYDIG, Swan,  and BlockFi.

While it is true that financial data is not stored in the CRM, you should be aware that data associated with the users of these companies and their behaviors is logged in the CRM. This puts users in a unique position to be targeted in social engineering attacks. Following are a few examples of the types of data that can easily be stored in a CRM system and may have been exported in this recent data breach:

IP addressesEmail histories with representatives at the associated companies and any messages or notes those representatives have on customers and their accountsCustomer browsing behavior on associated company websitesMailing and/or shipping addressesHow customers are characterized internally by companies (“big buyer,” “whale,” “mid-sized contact,” ”small user,” etc.)Individual customers’ financial value to companiesAny and all deals customers have done with compromised companies and any associated values, email negotiations or contactsHelp tickets or requests customers have logged with compromised companies

When data is exported from a CRM, it typically comes in a standard database format. This can take the shape of a common .csv or .xls file. Because of this, migrating data from one CRM to the next is often as easy as exporting, re-uploading and tagging appropriate data headers, i.e., first name, last name, address, etc. Expect this situation to unfold quickly.

What Can Someone Whose Data Has Been Compromised Do?

Fortunately, it appears financial data has not been compromised in this recent breach, however, the loss of user persona and behavioral data is severe. At minimum, you should expect to be targeted with spear phishing and spam attacks going forward. Should a bad actor wish to execute a social engineering attack on you, they may contact you with extremely specific information about your name, location, services used and even your behavior on company websites.

Be wary of anyone contacting you via email or phone going forward, and be sure that any and all representatives contacting you are actually associated with the companies they claim to speak for. If you are a high-value customer of a compromised company in this space, I recommend contacting your company representative immediately to verify what data has been breached, what internal classifications that company has on you and what you can do to enhance security in your communications going forward.

For super admins of companies using HubSpot, I recommend disabling employee visibility into your account here and contacting your representative to discuss further removing access permissions on your data. We have yet to see how HubSpot is going to handle this unfolding situation and I would expect the first course of action is to strictly limit who has “view” and especially “export” permissions of company data.

Overall, the best course of action for everyone in this space is to use privacy best practices when browsing, buying and communicating online. This brief article won’t be able to delve into that topic. An unfortunate truth of the hyperconnected digital universe we live in is that any data you share, can and will be stolen. Stay vigilant, and if you aren’t already, begin implementing privacy and security best practices into all of your personal and online behaviors.

This is a guest post by Robert Warren. Opinions expressed are entirely their own and do not necessarily reflect those of BTC Inc or Bitcoin Magazine.

Similar to Notcoin - Blum - Airdrops In 2024

origin »

Streamr DATAcoin (DATA) íà Currencies.ru

$ 0.0438551 (-0.76%)
Îáúåì 24H $19.038m
Èçìåíåèÿ 24h: -3.33 %, 7d: -23.95 %
Cåãîäíÿ L: $0.0435031 - H: $0.0483213
Êàïèòàëèçàöèÿ $47.938m Rank 661
Öåíà â ÷àñ íîâîñòè $ 0.0772302 (-43.22%)

data breach bitcoin company hubspot wondering targeting

data breach → Ðåçóëüòàòîâ: 126


Bankrupt Bitcoin ATM Firm Coin Cloud Suffers Data Breach: 300,000 Customers’ Sensitive Info Stolen

The crypto world is facing a new security challenge as Coin Cloud, a prominent Bitcoin ATM operator, recently became the target of a significant data breach. This incident comes at a challenging time for the company, which filed for bankruptcy earlier this year amid the crypto market downturn and the fallout from the FTX collapse. […]

2023-11-13 21:00


218M ‘Words with Friends’ players’ data reportedly stolen in Zynga hack

Popular social game developer Zynga has reportedly become the latest victim of a massive data breach impacting some 218 million Words with Friends accounts. On September 12, the company disclosed that “certain player account information may have been illegally accessed by outside hackers,” but didn’t disclose any details about the scope of the breach and the number of players who may have had their information stolen.

2019-10-1 09:40


Cybersecurity vendor that protects firms from data breaches hit by data breach

You know it’s a bad day for cybersecurity when a leading provider of internet firewall services that helps safeguard websites from malicious attacks suffers from a security breach of its own. Imperva, a popular California-based security vendor, disclosed that data belonging to an unspecified subset of users of its cloud firewall product was exposed online.

2019-8-28 14:58


Can We Trust Libra After Facebook $5 Billion Fine For Abusing Users’ Privacy?

Watch Will’s analysis on how, after the endless scandals and mishandling our data, Facebook will now have to pay the price of $5 Billion to FTC for the privacy breach, and can we still bet on Libra? If the video doesn’t load, click on the direct link to the video: Facebook $5 Billion FTC Fine […] The post Can We Trust Libra After Facebook $5 Billion Fine For Abusing Users’ Privacy? appeared first on CCN Markets

2019-7-27 14:39


Ôîòî:

Crypto Lending Platform YouHodler Exposes Millions of Privacy Records

Cryptocurrency lending platform YouHodler exposed privacy data, including crypto wallet addresses, from thousands of its cryptocurrency users, vpnMonitor reports. Data breach Is Severe with Widespread Implications vpnMentor and a team led by data scientists Noam Rotem and Ran Locar discovered a significant cryptocurrency data breach affecting 86 million records.

2019-7-25 08:35


Storecoin brings tokenized data to the masses, announces latest milestone-based token offering

With every policy shift, every deplatforming, and every data breach, our faith in Big Tech decreases. In Washington, the drums of anti-trust beat ever louder. But what consumers truly want isn’t necessarily a break up of today’s tech companies: they […] The post Storecoin brings tokenized data to the masses, announces latest milestone-based token offering appeared first on CoinMarketCap.

2019-6-21 15:00


Quest Patient Data Exposed: Could the Blockchain Have Prevented It?

By CCN: A major data breach has rocked Quest Diagnostics, exposing the personal details of nearly 12 million patients in the process. The incident, which was reported in a public filing, occurred on May 14 after centralized third-party billing company American Medical Collection Agency (AMCA) informed the diagnostic testing company about “potential unauthorized activity” on a “web payment page.

2019-6-4 01:15


Data Breach Report From Instagram Raises Concerns About Upcoming Facebook’s Digital Currency

Facebook, the most popular social network in the world, has been affected by different data leaks over the last years. This has harmed users and individuals that had data stored on their platform. Now, the security researcher Anurag Sen discovered that there was a public Amazon Web Services (AWS) database that had the information of […]

2019-5-21 18:33


Verizon Security Research: Over 20% Of Data Breaches Thought to Be Carried Out By Nation State Actors

Verizon’s 2019 Data Breach Investigations Report (DBIR), released Wednesday, which analyzed more than 41,000 cybersecurity incidents and over 2,000 data breaches from 86 countries. It found that cyber attacks by nation states and parties affiliated with them represented 23% of data breaches, up from 12% in 2018 and 19% in 2017, Corporate spying is on […]

2019-5-9 19:16


How Blockchain Can Solve Modern Identity Theft Crisis and Be a Core Reason for “No More ID Theft”

Identity theft is a major worry for many people today. This was compounded by the Equifax breach that leaked the data of over 140 million Americans. The data in that breach included information such as addresses and social security numbers in addition to names and phone numbers. It was a nightmare scenario and there has […]

2019-4-10 19:41


Ôîòî:

Lazarus Hacker Group Continues to Target Crypto Using Faked Trading Software

This article was originally published by 8btc and written by Lylian Tang. The Chinese security service provider 360 Security has issued a warning that a large number of crypto exchanges have been targeted by the North Korean hacker group Lazarus and that the number is still rising after the recent hacks of crypto exchanges DragonEx, Etbox and BiKi.

2019-4-2 21:54