Swan Bitcoin, a Bitcoin-specific savings firm, revealed that it has been affected by a recent data breach from newsletter provider Klaviyo.
Per an email sent by Decrypt and shared by the firm on Twitter, Klaviyo informed Swan Bitcoin of a security incident on August 7.
Swan Bitcoin said that “this incident is the result of one of their employees being phished, which led to the compromise of their internal systems and the download of Swan’s mailing list.”
“We are informing you of this incident because you are a subscriber to our mailing list and your email was leaked as a result of the Klayivo security incident,” the email added.
The crypto firm added that the leaked data included customers’ first names (no last names), email addresses, IP-based geolocation data identifying cities (in some cases), as well as information about how users originally joined the company’s mailing list.
Swan Bitcoin also confirmed that approximately 0.3% of the leaked data set included an outdated snapshot of historical USD deposit information covering the period before March 2022. This likely means that only information about transfers between accounts was disclosed in this 0.3%.
The Los Angeles-based firm said it has no evidence that customer information is being targeted or misused. However, it warned of potential phishing attempts to obtain additional information from affected customers.
“Assume that all emails, texts and phone calls asking you for sensitive information are not genuine,” the email said.
Data leak hits 44 crypto firms
Klaviyo reported the incident in a separate blog post, saying the breach occurred in a phishing attack on August 3. Hackers have reportedly managed to steal one of their employees’ login information.
These credentials were then used to access the employee’s account and internal Klaviyo support tools.
Klaviyo added that it immediately revoked access for the compromised user and removed the threat actor from its systems. The company also notified police and engaged an unnamed leading cybersecurity firm to investigate the breach.
Importantly, Klaviyo reported that the attack mainly targeted crypto businesses that chose the platform for their marketing activities.
“The threat actor used the internal customer support tools to search for primarily crypto-related accounts and saw list and segment information for 44 Klaviyo accounts. For 38 of these accounts, the threat actor downloaded list or segment information,” Klaviyo said in its blog post.
According to the company, hackers obtained customers’ names, email addresses, phone numbers, as well as “some account-specific custom profile properties.” Klaviyo said it had notified owners of all those accounts with the details of which profiles and profile fields were accessed or downloaded.
Founded in 2012 and based in Boston, MA, Klaviyo raised a $320 million Series D funding round in May 2021, which saw the firm’s valuation rise to over $9 billion. Klaviyo said it served more than 70,000 paying customers at the time.
Decrypt contacted Klaviyo for more details on the incident and will update the article accordingly if we hear back.
The data leak at Klaviyo also comes on the heels of reports that another popular email marketing platform Mailchimp has suspended the accounts of crypto-related content creators and media outlets.
The affected businesses include the likes of self-storage crypto wallet Edge, crypto intelligence firm Messari and Decryptas developments once again highlighted the yet-to-be-resolved dependency of Web3 companies on legacy Web2 solutions.
Stay up to date on crypto news, get daily updates in your inbox.
