The crypto-lending platform BlockFi said it had disclosed a data breach involving customer information hosted on CRM HubSpot. Hackers gained access to customers’ names, email addresses and phone numbers.
Regarding recent third-party data incident: pic.twitter.com/50z7IrQ1za
— BlockFi (@BlockFi) March 19, 2022
In the statement, HubSpot confirmed that an unauthorized third party gained access to certain BlockFi customer data hosted on their platform.
According to the statement, BlockFi learned of the breach on Friday, March 18. The company emphasised that passwords and client documents were not compromised, and that their funds remained safe.
HubSpot and BlockFi are conducting an investigation into the incident. Affected users will receive separate notices.
BlockFi also recommended that clients practise digital hygiene, enable two-factor authentication, configure a trusted apps list, and remain vigilant against fraudsters.
The community criticised BlockFi’s decision to use HubSpot to manage customer data. Some noted that the service is not suitable for companies in the financial sector.
@BlockFi maintaining its reputation for worst client data stewardship in the space by a long margin.
In what galaxy does it make sense to use HubSpot for financial CRM?
HubSpot is intended for low-risk implementations. For all else there’s SalesForce you cheap bastards. pic.twitter.com/D0wLn4iiku
— Two Comma Pauper (@twocommapauper) March 19, 2022
In May 2021, BlockFi mistakenly credited large sums of Bitcoin to client accounts, and then demanded the return of cryptocurrency.