Koinly Warns of Potential Email Exposure in Third-Party Mixpanel Breach
Koinly has warned users that a third-party breach involving its analytics provider Mixpanel may have exposed some user email addresses. However, Koinly's own systems remained unaffected, and sensitive financial and tax data are reported to be safe.
Mixpanel disclosed in November that a hacker accessed some of its user accounts and data, potentially exposing names, email addresses, rough locations such as city and country, and device information including operating system and browser details. Koinly emphasized that it never shared wallet information, transaction history, tax filings, or portfolio data with Mixpanel.
Following the incident, Koinly has ceased using Mixpanel and is auditing other third-party tools that process user information. The company is actively evaluating the extent of exposure in collaboration with Mixpanel but cannot currently provide the number of affected users or specify the timeframe during which the exposure occurred.
Users have been advised to remain cautious of phishing attempts and verify that any messages they receive genuinely originate from Koinly's official domain. Koinly serves over 1.5 million users across more than 20 countries, auto-importing data from over 900 exchanges, wallets, and blockchains to generate tax filings.
This incident highlights broader risks associated with third-party vulnerabilities in the security of cryptocurrency data.
