CoinTracker

In December 2022 the crypto tax tracking service CoinTracker suffered a data breach impacting approximately 1.5 million users. The incident was not a direct compromise of CoinTracker systems but occurred through their email service provider SendGrid. Malicious actors gained access to an employee account at SendGrid through a phishing attack which allowed them to export contact lists. The leaked data included user email addresses and partially masked phone numbers. This exposure increased the risk of targeted phishing and smishing attacks against crypto investors using the platform.