Attacker sends nearly 24,000 phishing emails derived from compromised CoinGecko third-party email platform

Cryptocurrency data aggregator CoinGecko experienced a data breach through its third-party email marketing platform GetResponse on June 5.

The attacker exported nearly 2 million contacts from CoinGecko's GetResponse account after compromising a GetResponse employee's account, CoinGecko explained in a statement. The bad actor then sent 23,723 phishing emails from another GetResponse client's account. No malicious emails were sent from CoinGecko's domain.

While CoinGecko user accounts and passwords remained secure, the incident resulted in leaked data including users' names, emails, IP addresses and locations of email opens.

"We are actively investigating this situation with GetResponse and informing all affected users," CoinGecko said in the statement. "Additionally, we are thoroughly reviewing our security procedures and will look to enhance our security protocols in collaboration with our vendors."

In the meantime, CoinGecko recommends users exercise caution around emails claiming airdrops, avoiding clicking links or downloading attachments from unsolicited emails, and other security practices.

Earlier this year, a hacker compromised CoinGecko's X account and promoted a suspicious airdrop for the cryptocurrency GCKO, The Block previously reported.

The Block reached out to CoinGecko for comment on the June 5 data breach.