Last Updated: 22 July 2022
Due to a data breach at ActiveCampaign, bitcoiners also have personal information that is out on the street. It concerns a problem with software for marketing emails. Shift Crypto of the BitBox wallet shares the story in a press release.
Data leak at marketing software
The company has sent out an email to all those affected. It is a data leak in which email addresses and IP addresses have been leaked. It does not affect the hardware wallets BitBox02 and BitBoxApp itself.
All bitcoin listed here is safe. However, they do warn customers about possible phishing emails.
The ActiveCampaign team has confirmed that “an unauthorised party downloaded the email lists.” According to Shift Crypto, it did use 2FA on its accounts. What went wrong and how the ‘outsider’ gained access to this information is not known.
If you have ever ordered a BitBox, you could be receiving fake messages in your mailbox in the coming weeks.
We are investigating a data breach of ActiveCampaign, the service we used for marketing emails.
Affected data: Name/Alias, Email & IP address
Be aware of suspicious emails, as this data might be used for phishing attempts.
— Shift Crypto (@ShiftCryptoHQ) July 21, 2022
You need not fear that your home address has been leaked. According to the company, the BitBox shop is self-hosted, and all personal data is anonymised after 30 days.
However, a possible scenario is that the hackers will send a ‘fake update’ telling you to update the software of the hardware wallet. The recommendation from Shift Crypto is to keep the firmware on version 4.34.0 for a while longer. This was released on 20 June.
This is not the first time that data from a hardware wallet company has been leaked. In 2020, Ledger was the victim. For example, many bitcoiners received mail from the HEX-scam in the months that followed.