Bitcoin Forum

Anyone has an account on coingecko is affected on this data breach which was released on their announcement email today. The data breach was happened last June 5 and all user details are compromised.

What Data was Compromised?

We have determined that your personal information was unfortunately compromised in this incident. This information may include:

Name (if provided during sign-up)
Email address
IP address and location of email opens
Other metadata such as account sign-up date, subscription plan

Expect the unexpected on your emails about potential scam mail since hacker might sell all the users email info to scammer and other shady services.

I use both Coingecko and Coinmarketcap but not with emails. You can use this sites without email if you do not want to have portfolio on the site. I will prefer to have offline portfolio instead of online ones. I believe people's portfolio would have also been seen by the hackers. Coinmarketcap have been hacked before I think, this should not be surprising and it will not be the last.

I typically use this kind of website without any account but on this case I remember that created an account to support the project which I am heavily invested by adding the token on watchlist.

Also website like coingecko and coinmarketcap offers airdrop and other freebies for those users that has an account by doing simple task. These is the main feature which I probably the selling point on why will user create an account here instead of using it without any account login.

It is better for us to be more sensitive and also remain careful on how we register on some of the crypto platforms we are, since some of them allow users to make use of their services without creating an account with them, i think that will be the best in other to maintain a good measure of privacy practice in other for us not to be tracked or encounter having serious issues like the one being mentioned here by some of the users, though i also never thought about creating an account on then since i uses their app and everything works perfectly fine like that.

I wonder why attackers chose to attack coingecko. There's nothing that can be get there aside from usernames (login info) and few user emails. Well, they might discovered some loop hole of the security, but i still wondering the benefits gets from hacking the site. Not to mention, i doesn't have an account there.

They used third party GetResponse that was responsible for this, but it's important that account remains secure because no passwords were compromised during this attack on Goingecko.

I would suggest everyone to watch out and be careful with all email they receive in future on email address they used for Coingecko registration.
It's not a bad idea to use temp and unique alias emails for registration on services like this.

To be more precise, it was their email provider which was compromised.

Though IMO, the emails alone can serve well on phishing/scam attacks to crypto users hence can be attractive to perps. It's an old scam scheme but is still as popular as ever pretty much because there are always people falling for it.

Looks like the perpetrators got a big slice of the pie as well

Oh i see, so its another on the lists, first i knew ledger, trezor then this. I knew there are still others who have an issue of hacked due to their email providers. So ye, another set of spam emails should be expected from these coingecko users. As long people don't click links from unsolicited emails, they're good.

After the CoinMarketCap fiasco, I am glad I didn't have any email or personal details with Coingecko. It was probably going to be more months of being bombarded with spam and phishing emails.
I learnt that with such sites, one has got to either use disposable email address or addresses that exclusively for crypto and shitcoin sites that can be cracked at any time.

For better opsec, always assume that whatever service you're using will be breached someday.

Especially with crypto-related services, I always use a separate email for these as I know it will be a total nightmare if one of the emails I've used on crypto services gets leaked. I won't be surprised if the old email I've used on Ledger is still heavily being spammed right now.

They need the identities, much more valuable than money sometimes because when they come for money, that's it usually, they end up losing it eventually but with stolen identities, they can just easily ask for a bank loan without the worry of having to pay it back because that's not them and then at the same time, they're not the one that would get asked by the bank for repayments but the real person behind the stolen identity. To fully understand the reasoning behind this, I want you to ask yourself this question, are you the kind of person that when given the offer to be someone else and no one would know that it's not who you really are, would you take that offer? Pretty sure that you would and then you'd understand why a lot of people do want information and steal them.

Another incident that remind people to secure their personal details since data breaching like this would really happen. And if they don't have any other deals or activities to be done on this site then better not to sign a account since we don't know if there would be more worse than this and our data will be use to hack the accounts we have on different platforms.

By the way if someone want to read about this news you can check this one https://cryptobriefing.com/coingecko-data-breach-update

I think nothing serious happen but still they need to be careful since those hackers might attack people and send them those unwanted emails. Also glad I didn't have an account here so there's nothing to worried regarding on this incident. Lastly always use dummy gmail for signing up on any platform.

I have reviewed their privacy policy^[1] and they have the right to keep your data, which may be used or sent to third parties. Therefore, CoinGecko does not present themselves as a service that cares about customer privacy, and the amount of data they can collect about you is small if you have knowledge of the basics of privacy.

In general, it should be assumed that your data will be exploited, and therefore it is better to use email providers with better techniques to combat phishing links and provide an additional address (alias) that can be closed or frozen at any moment.


[1] https://www.coingecko.com/en/privacy

I guess those that have details on them are ones who are representative of each project and as well as those individuals that have participated their candies airdrop or in particular like that. Fortunate for those that don't register on them and just casually visits them to check the price of everything. But that's unfortunate for those that have an account there. I hope that someone who's a security expert will dive down on those black/dark marketplaces where they're selling these data.

Because that's how likely what's going to happen that the hacker will sold the data from their website and have it sold on that area. I'm just not sure about the terms about their purchase but once it's been taken away, there's no way to do a stoppage of the spread of it and being passed down to other third parties. We really don't know if the platforms we're using are going to protect us with our data even if they say so. What we can do is to protect ourselves and if you've got a lot of time, use spare emails and if it is not necessary to input your important details, don't do it.

So that they can send phishing emails to the users, obviously. These are mostly people who hold crypto so they will be targeted by all sorts of malware and malicious links carried inside the email message.

As someone who prefer CoinGecko rather than CMC, it's not good news even though i never bother create account in either website. I also find it's weird nobody have mentioned official CoinGecko response which can be seen https://www.coingecko.com/learn/getresponse-data-breach-june-2024 (https://www.coingecko.com/learn/getresponse-data-breach-june-2024). It seems they don't have plan switch to different email provider.

Nowadays, it is up to you to protect yourself from these types of situations. You should never expect that the App's you provide registration information to will "forever" comply with the protection of personal information provided in a registration.
Submit and registration standards are obsolete in most App's.

This got me thinking about changing the way I compile my portfolio, Coingecko portfolio format is so easy to use and I can access it anywhere even on my mobile or an internet cafe but with a breach like this it exposes your portfolio and your email you have something to worry about, I may have to use a spreadsheet again to monitor my portfolio.
Both Coingecko and Coimarketcap will always become a target because of the huge number of userbase they should upgrade their security to retain their loyal followers or they will look for a better and secured alternatives.

I just realized there was an email from Coingecko that suffered a data breach because this message went to the promotions -> Gmail section.

So far I have an account at Coingecko because only for some airdrop tasks completed there in the past, but what I read they only GetResponse CoinGecko only sent 23,723 phishing messages excluding me because I did not receive it.

So far I created an online portfolio on Coinmarketcap, this may have become a habit so always look there.

I don't really remember if I've ever created an account on CG before, but if I had, I think I just used a disposable email.
In use, disposable email does not have to always be active on the device we use, meaning the email will only be active when the user logs in to their Google account. I recommend a disposable email (new email) on every new site you want to create an account on, this could include casinos or anything that requires you to have an account.

However, regarding this data breach case, I think every user deserves to be warned to be careful when there are phishing or other dangerous attempts. Of course, scammer will target users who own crypto. Thank you for telling me, Eternad.

Most of such services don't care about customer privacy anyway. That data is worth millions of dollars to them, so they will find every way possible to retain it or sent it to third parties.
With retention of data comes a lot of responsibility, so at some point in time, they always end up getting breached. Imagine these are just the breaches we know about, there are those that go unnoticed.

It should generally still be fine — just always make sure to have separate email addresses especially for crypto/finance related things. This can easily be done with premium email services with multiple email address alias features(you can also use custom domains). (Tuta/Protonmail/etc.)

I use both Coingecko and Coinmarketcap, but with secondary accounts, meaning I use junk email. I use both accounts to get some rewards, candy, and airdrops through some simple tasks. I also sometimes create a special list of my favorite coins.

I do not think that hacking is dangerous to me because the data that is stolen is all secondary and worthless. This is why I always use a different email and name for each site. Those affected by hacking are those who use the same data in different locations.

They are not even affected yet, until they fall for the phishing mail that the attacker is going to send. Those whom their data has been exposed should expect anything, so they should be careful of links they click, as scammers would be trying out ways for them to give out their seed phrase.

The attacker would probably not attack now that there is awareness on this issue, they don't mind waiting for a very long time, when many persons have forgotten about the incident, then they start sending out phishing mails, looking for victims to steal from.

I don't think so, soon as this email list is spread or on-sale in dark market users who have email contacts on coingecko will probably receive spam email. Well, as long those emails are only for crypto stuff, it's easier to identify them by the email subject, don't mind reading them just eventually delete and report it as phishing and spam using gmail, i assume it can be done on other email provider too.

Apparently, there were already tens of thousands of phishing emails sent almost immediately after the hack was done. There was no waiting time for these hackers. They're probably making the most out of it, to be the first to attempt to make money out of the victims, to try to catch as many victims as possible unaware as many of them might not have heard of the news right away, before they will sell the same set of data to other cybercriminals for their own batch of phishing emails. There will be waves of phishing emails for sure.

That's a good approach. I also suggest everyone to always use a different password on their email and any other account that they'll register via this email. If you use the same password and your account gets hacked, then hackers will try to use that password to log in to your email and if someone gets access to your email, you'll be in trouble.
Btw if you save your password in Google Chrome, Chrome will tell you if your password has already leaked. I don't think it's a good idea to save passwords in Google or even to use the Chrome browser.

I think that you should always be careful with your email, even if it's fresh and no one has hacked because there are many people who scan email addresses and send many kind of phishing links. One of my emails is full of phishing links but I have never clicked on any of them, I always look at the URL before I click, I also always check the sender. Email spoofing is very easy and no joke.

If you have an account on CoinGecko, you are probably following one or more crypto projects listed there. Scammers will assume that you have various hardware/software wallets and exchanges. Using the leaked e-mail database, they will start sending out phishing e-mails stating that your wallet is locked, and to unlock it you need to verify your identity, enter your seed for verification, and similar schemes. Regardless of how ridiculous this seems to us, it still works and people fall for it. If they didn't scammers wouldn't bother to waste time on doing it.

Yeah, you have to use your email address either in websites that you don't trust or in services that suffer data breaches, in order for you to be attacked by a phishing emails, my point is that your email address must first fall into the hands of bad actors for you to be attacked. Needless to say that it is great to have many email addresses, so you use some of them in websites that you do not trust, and then others for websites or services that you trust.

If you do things as i have said above, you'll know the mails to completely ignore and ther ones you should consider opening. Lastly, many phishing links redirects you to a page were you are asked to input your seed phrase, so you will be safe if you never input your seed phrase anywhere, except when importing it into another device.