Swan Bitcoin Reveals Data Leak Due to Phishing Attack on Newsletter Provider


Swan Bitcoin, a Bitcoin-specific savings company, revealed that it had been affected by a recent data breach from its newsletter provider Klaviyo.

By an e-mail seen by Decrypt and shared by the firm on Twitter, Klaviyo notified Swan Bitcoin of a security incident on August 7.

Swan Bitcoin stated that “this incident is the result of a phishing attack by one of their employees, which led to their internal systems being compromised and Swan’s mailing list being downloaded.”

“We are notifying you of this incident as you are subscribed to our mailing list and your email has been leaked following the Klayivo security incident,” the email added.

The crypto firm added that the leaked data included customers’ first names (not last names), email addresses, IP-based geolocation data identifying cities (in some cases), as well as information about how users initially joined the company’s mailing list.

Swan Bitcoin also confirmed that around 0.3% of the leaked dataset included an outdated snapshot of historical USD deposit information covering the period before March 2022. were revealed in this 0.3%.

The Los Angeles-based company said it has no evidence that customer information is being targeted or misused. However, he warned against possible phishing attempts to obtain additional information from affected customers.

“Assume that all emails, text messages and phone calls asking you for sensitive information are not genuine,” the email reads.

Data leak affects 44 crypto firms

Klaviyo reported the incident in a separate blog post, saying the breach happened during a phishing attack on August 3. Hackers reportedly managed to steal one of his employee’s login credentials.

These login credentials were then used to access the employee’s account and Klaviyo’s internal support tools.

Klaviyo added that he immediately revoked the compromised user’s access and removed the threat actor from his systems. The company also notified law enforcement and engaged with an unnamed leading cybersecurity firm to investigate the breach.

Importantly, Klaviyo reported that the attack mainly targeted crypto companies that have chosen the platform for their marketing activities.

“The threat actor used internal customer support tools to primarily search for crypto-related accounts and viewed list and segment information for 44 Klaviyo accounts. For 38 of these accounts, the perpetrator threat uploaded list or segment information,” Klaviyo said in his blog post.

According to the company, the hackers obtained the customers’ names, email addresses, phone numbers, as well as “some account-specific custom profile properties.” Klaviyo said it notified the owners of all such accounts of the details of profiles and profile fields viewed or downloaded.

Founded in 2012 and based in Boston, MA, Klaviyo raised a $320 million Series D funding round in May 2021, which saw the company’s valuation increase to over $9 billion. Klaviyo said he served over 70,000 paying customers at the time.

Decrypt has reached out to Klaviyo for more details on the incident and will update the article accordingly if we receive a response.

The data leak at Klaviyo also follows reports that another popular email marketing platform, Mailchimp, has suspended the accounts of content creators and crypto-related media.

Companies affected include the likes of self-custodial crypto wallet Edge, crypto intelligence firm Messari and Decryptas developments have once again highlighted the still unresolved dependency of Web3 companies on legacy Web2 solutions.

Stay up to date with crypto news, get daily updates in your inbox.


Add Comment