• by Ray Schultz , March 22, 2022

Marketing tech firm HubSpot has alerted clients to possible data exposure following a cyber attack that apparently targeted cryptocurrency industry customers. 

Fewer than 30 HubSpot portals have been affected, the firm said over the weekend, based on an initial investigation.  

HubSpot learned last Friday that an employee account had been compromised. It terminated access to the account and removed the ability for other employees to take some actions in customer accounts. 

The bad actor attempted to access contact data, including email addresses, mailing addresses and phone numbers, The Boston Globe reported on Monday. The firm has provided clients who were affected with additional details.  

In a separate development, authentication firm Okta reported that it detected an attempt to compromise the account of a customer-support engineer working for a third-party provider.

A probe detected a five-day window between January 16 and January 21, 2022, where an attacker had access to a support engineer’s laptop. The company suspended the person’s account, and has alerted the third-party service provider.

The service has not been breached, and no corrective actions need to be taken by customers, Chief Security Officer David Bradbury wrote in a Tuesday blog post.