Release Details

HubSpot’s Statement Regarding June 22, 2024 Security Incident

June 28, 2024

July 1, 2024 update: HubSpot continues to investigate this incident, however as of 11:00 am ET on July 1, 2024, we have seen no new instances of unauthorized access in over 90 hours. We have contacted all impacted customers at this time. We will post an update at the end of the investigation.


On June 22, 2024, HubSpot identified a security incident that involved bad actors targeting a limited number of HubSpot customers and attempting to gain unauthorized access to their HubSpot accounts. 

HubSpot triggered our incident response procedures, and since June 22, we have contacted impacted customers and taken necessary steps to revoke the unauthorized access to protect our customers and their data. In addition, the HubSpot Security team has been actively investigating and blocking attempts to gain access to customer accounts. 

While our investigation is still underway, we believe based on our initial assessment that the bad actors were able to gain unauthorized access to less than 50 HubSpot accounts. 

As of 4:00 pm ET, June 28, we have seen no new instances of unauthorized access in the last 24 hours, and we have contacted all impacted customers at this time. 

Though the investigation is ongoing, based on our current assessment of the incident, we believe that the impact will be isolated to a small subset of the HubSpot customer base. We will post an update at the end of the investigation in the spirit of continued transparency.

 

HubSpot (NYSE: HUBS) is the customer platform that helps businesses connect and grow better. HubSpot delivers seamless connection for customer-facing teams with a unified platform that includes AI-powered engagement hubs, a Smart CRM, and a connected ecosystem with over 1,500 App Marketplace integrations, a community network, and educational content. Learn more at www.hubspot.com.


Public Relations Contact
media@hubspot.com