On March 18, 2022, HubSpot learned that a bad actor had gained unauthorized access to a portion of our internal systems and a small number of customer accounts. In the weeks following this incident, HubSpot worked with outside resources to perform the rigorous analysis required to understand the nature and the scope of this event. This investigation is now complete, and we are updating this page to provide transparency on the findings.
We terminated access for the compromised HubSpot employee account. We then launched a wide-scale investigation to ensure we fully understood the event. We engaged a third-party forensics firm on this investigation to partner with our internal teams.
We partnered closely with the forensics firm and outside legal counsel to ensure we fully understood the event. When the investigation with the forensics firm concluded, HubSpot reviewed the findings of the investigation and has since shared any relevant information with impacted customers.
The investigation of the bad actor’s activity confirmed that this was a targeted attack focused on customers in the cryptocurrency industry. There was no evidence of suspicious activity within targeted customer accounts after March 18, 2022.
We have notified all customers whose customer data was impacted by the incident. If you are a customer who did not receive a notification from HubSpot regarding this incident, then the customer data in your account was not affected.
Since the incident, we have taken steps to enhance our security and to prevent a similar attack from occurring in the future. While our investigation has concluded and remediation has been completed, we remain committed to improving our security through regular assessments and testing.
For more information on our Security program, please visit our Security page where you can find our SOC2 reports and Security Overview.
This page was last updated at 9:00 a.m. ET on July 11, 2022