HubSpot has begun an investigation into a cyberattack after determining unauthorized access attempts against a "limited number" of its customers' accounts, according to TechCrunch.
"HubSpot triggered our incident response procedures, and since June 22, we have been contacting impacted customers and taking necessary steps to revoke the unauthorized access and protect our customers and their data," said Alyssa Robinson, Chief Information Security at HubSpot, in response to TechCrunch.
However, the CRM software company has not provided additional details about the impact of the cybersecurity incident, including the number of potentially affected clients and communications with its attackers but the official statement mentioned a rough estimate: “While our investigation is still underway, we believe, based on our initial assessment, that the bad actors were able to gain unauthorized access to less than 50 HubSpot accounts.”
A similar incident occurred in March 2022, when "a bad actor had gained unauthorized access to a portion of our internal systems and a small number of customer accounts." This allowed hackers to access and export contact data using the employee's access to several HubSpot accounts.