Disclaimer: Information found on CryptoreNews is those of writers quoted. It does not represent the opinions of CryptoreNews on whether to sell, buy or hold any investments. You are advised to conduct your own research before making any investment decisions. Use provided information at your own risk.
CryptoreNews covers fintech, blockchain and Bitcoin bringing you the latest crypto news and analyses on the future of money.
Koinly, a well-known cryptocurrency tax optimization software, has alerted its users about a potential data breach involving email addresses following a security incident with a third-party service provider.
The organization stated that the issue did not originate from its systems and emphasized that sensitive financial and tax-related details remain secure.
Source: degeneratenews
In a communication to its customers, Koinly mentioned that the incident was linked to Mixpanel, an analytics service utilized to analyze product usage and improve user experience.
Details of the Breach: Koinly Responds to Third-Party Security Incident
Third-party breaches occur when attackers target vendors or service providers with access to user data, often exploiting weaker security measures to indirectly obtain sensitive information.
Such attacks are common in both the cryptocurrency sector and other industries.
Koinly reported that Mixpanel revealed in November that one of its systems had been compromised, leading to unauthorized access to certain user accounts and associated data.
The exposed information may have included names, email addresses, approximate location details such as city or country, and device information like operating system and browser version.
Koinly stated that its internal investigations indicated that it did not share any wallet details, transaction histories, tax documents, or portfolio information with Mixpanel.
The company also reassured that its primary systems remained intact, and there was no unauthorized access to user accounts or financial records stored within Koinly.
Following the incident, Koinly ceased using Mixpanel and began a comprehensive review of other third-party services that handle user information.
The organization did not disclose the number of potentially affected users or specify the timeframe of the data exposure. It mentioned that it is still working with Mixpanel to determine the full scope of the incident.
While Koinly asserted that it had no indication that the exposed information had been misused, it cautioned users to be vigilant against potential phishing attempts.
Related Posts
The company also recommended that users verify that any communication claiming to be from Koinly comes from its official domain.
As Crypto Theft Reaches $3.4B, Third-Party Risks Under Scrutiny
Koinly serves over 1.5 million users globally and operates in more than 20 nations.
The platform automatically retrieves transaction data from over 900 exchanges, wallets, and blockchains, categorizes the transactions, calculates gains and losses, and generates tax filings for tax authorities.
Source: Koinly
The extensive size and reach of Koinly mean that even a minor data exposure can be concerning for users who rely on it to manage sensitive financial information.
The recent security breaches in the cryptocurrency market and the technology sector underscore the dangers posed by third-party hacks.
In September, Swiss crypto platform SwissBorg suffered a loss exceeding $41 million in Solana tokens after attackers compromised an API provider linked to one of its partner services.
SwissBorg hit by $41.5M $SOL hack after API compromise amid cascade of crypto security failures, including Nemo and Aqua exploits.#CryptoHack #Solanahttps://t.co/ztUl2s0yxv
— Cryptonews.com (@cryptonews) September 8, 2025
In October, Discord confirmed that they had unauthorized access to their third-party Zendesk support system after announcing that hackers had stolen millions of government ID images.
The DeFi protocol Abracadabra also faced multiple exploits this year due to vulnerabilities in its code, highlighting the breadth of risks associated with infrastructure attacks.
A new Abracadabra DeFi hack has resulted in a $1.8M loss for the protocol, marking the third major exploit since 2024. #DeFi #Abracadabra #hackhttps://t.co/ZQ0gSlGNZy
— Cryptonews.com (@cryptonews) October 6, 2025
A new Abracadabra DeFi hack has resulted in a $1.8M loss for the protocol, marking the third major exploit since 2024. #DeFi #Abracadabra #hackhttps://t.co/ZQ0gSlGNZyChainalysis industry statistics indicate that cryptocurrency thefts exceeded $3.4 billion in 2025, with losses increasingly concentrated in a few extreme cases.
The post Koinly Warning: Third-Party Breach Exposes User Emails – Is Your Tax Data Safe? appeared first on Cryptonews.
