Share this article
HubSpot Hack Leads to Data Breaches at BlockFi, Swan Bitcoin, NYDIG and Circle
The companies affected assured users their crypto is safe because the customer-management tool had limited access to internal data.
By Sam Reynolds
Updated May 11, 2023, 7:13 p.m. Published Mar 21, 2022, 4:30 a.m.
A data breach at HubSpot, a tool used by many companies to manage marketing campaigns and on-board new users, has affected BlockFi, Swan Bitcoin, NYDIG and Circle.
However, all the companies said their operations were not affected and their treasuries were not at risk.
STORY CONTINUES BELOW
Don't miss another story.Subscribe to the Crypto Daybook Americas Newsletter today. See all newsletters
- HubSpot is a customer relationship management (CRM) tool used to store users’ names, phone numbers and email addresses for marketing purposes, and measure the effectiveness of marketing campaigns.
- While user information was leaked to hackers, the affected companies said passwords and other internal information were not affected. In outreach emails seen by CoinDesk, the companies said HubSpot is an external tool and hackers did not gain access to internal systems.
- HubSpot said the breach was the result of a bad actor getting access to an employee account and using it to target stakeholders in the cryptocurrency industry.
- The company said 30 clients were affected, but has not published a full list.
- Some users have reported receiving an uptick in phishing emails from the companies over the weekend, attempting to lure them into entering their passwords on a fake site.
- In 2020, BlockFi suffered a breach after an employee’s SIM card was compromised and ported over to an unauthorized user. After 2020’s attack, BlockFi hired a new chief security officer.
- Crypto venture capital firm Pantera Capital said in February that its Hubspot account had been compromised, and followed up with an email to its clients on March 19.
- At this time, a timeline of events is unknown as HubSpot has not said when its systems were compromised.
UPDATE (March 21, 11:56 UTC): Adds NYDIG, Circle to headline.
More For You
What to know:
- As of October 2025, GoPlus has generated $4.7M in total revenue across its product lines. The GoPlus App is the primary revenue driver, contributing $2.5M (approx. 53%), followed by the SafeToken Protocol at $1.7M.
- GoPlus Intelligence's Token Security API averaged 717 million monthly calls year-to-date in 2025 , with a peak of nearly 1 billion calls in February 2025. Total blockchain-level requests, including transaction simulations, averaged an additional 350 million per month.
- Since its January 2025 launch , the $GPS token has registered over $5B in total spot volume and $10B in derivatives volume in 2025. Monthly spot volume peaked in March 2025 at over $1.1B , while derivatives volume peaked the same month at over $4B.
More For You
Crypto Investment Firm Blockstream to Acquire TradFi Hedge Fund Corbiere Capital
The planned deal will bring Corbiere’s equity and event-driven strategies under Blockstream’s asset management arm.
What to know:
- Blockstream plans to acquire Jersey-based hedge fund Corbiere Capital Management for an undisclosed amount.
- Corbiere founder Rodrigo Rodriguez will become CIO of Blockstream Capital Management, a new asset management unit.
- Komainu, a Blockstream portfolio company, will handle custody, connectivity and off-exchange collateral management.
Top Stories
