The popular CRM vendor HubSpot was hacked last Friday in an attack that targeted cryptocurrency firms using the third-party software.
As a result of the attack, the cryptocurrency space is in disarray, with data breach notifications issued at firms including Circle, BlockFi, Swan Bitcoin, Pantera Capital, NYDIG, and others.
This new incident highlights one of the essential truths to cybersecurity: An organization is only as strong as its weakest link, and that includes all the third-party vendors it gives data access to.
On March 18, a bad actor compromised a HubSpot employee account, gaining access to the Hubspot portal data of the CRM service's customers.
That bad actor exported data from “fewer than 30 portals,” according to Hubspot, resulting in data breaches at all those companies.
“At this time, we believe this to be a targeted incident focused on customers in the cryptocurrency industry,” Hubspot said in a statement today.
The affected firms have all stated that their operations and treasuries were not impacted by the breach. This makes sense, as Hubspot's role as a CRM service means that the data would likely be related to customer marketing and would likely include customer names, phone numbers and email addresses.
So, if you're a user at any of those crypto firms, your personal data might be in the hands of bad actors, and you should triple-check any official emails you get related to your crypto wallets.
How's HubSpot Handling It?
Hubspot explained that it has notified all businesses affected by their hack.
In addition, the company has terminated access to the compromised employee account and says it has also “removed the ability for other employees to take certain actions in customer accounts.”
One silver lining to the whole event: The breach only happened on Friday, and making the details public by Monday is an admirably fast response time. Granted, the number of affected businesses was large enough that the news was bound to get out sooner rather than later.
CRM and Security
Should you reconsider using Hubspot in light of this breach? Not necessarily, at least from a security perspective — Hubspot's fast response and policy change are both good signs that they've handled this incident well.
We've always rated Hubspot fairly highly as a CRM, particularly for its impressive marketing tools, but another popular CRM service, Salesforce, stands a little above it, particularly when it comes to large businesses. In comparison to Hubspot, Salesforce offers better integrations and developer tools that boost customizability, as well as sales features that are just slightly easier to use. Overall, though, both services are worth considering for your marketing needs.
Smaller companies may also want to consider Freshworks CRM, which comes at a low cost but includes useful perks like ticketing, time tracking, and a free plan.
You can read our full comparison page of the two CRM platforms over here, and can check out a few other top recommended CRM platforms over here as well. And if you just want a quick overview of them? Simply scroll through the table we've put together below.
Most expensive plan
Microsoft Dynamics 365
$45 per month/2 users ($23/month per additional user)
$15 per month
$65 per month
$52 per user/per month
$3,200 per month
$99 per month
$15,000 per month
$1,500 per month
$1,000 per month
An extremely solid CRM for all businesses with a great free plan
A highly intuitive CRM that is packed with plenty of features and even has a free plan option
An incredibly popular and robust CRM with tailored pricing options for all businesses
A robust CRM platform that embeds brilliantly with Microsoft products
A great all-round CRM with a great, easy to understand dashboard