Root-cause analysis not yet published. The incident description below contains all currently available signal — review the attack transaction directly for definitive forensics.
ActiveCampaign (AC), an external email marketing provider used by Unchained, was hacked last week, according to Joe Kelly, CEO of Bitcoin financial services firm Unchained Capital. Information shared with AC, including customer email addresses, usernames, account status, whether customers have active multi-signature vaults or loans using Unchained Capital, and possibly IP addresses may have flowed out without authorization. Kelly said no systems on Unchained were affected, meaning customer profile information that was never shared with AC was not leaked. Kelly added that while customer Bitcoin custody is protected by multi-signature cold storage, customers should still be aware of what's going on and be wary of phishing attacks. Attack method (per SlowMist): Information Leakage. Reported loss: -.
- chain
- bitcoin
- protocol
- ActiveCampaign(AC)
- bug_class
- phishing
- date_occurred
- 2022-03-10
- loss_usd
- —
- source_id
- sm:activecampaign-ac-::2022-03-10