why trust img

Why Trust Web3Bet

Our team of experts has independently reviewed and evaluated all the products and services featured on this page to ensure you receive accurate and reliable information

Stake has notified customers about a security incident involving Mixpanel, a third-party analytics service used to track product usage. According to Stake, attackers accessed Mixpanel’s systems, not Stake’s infrastructure and exported files containing certain Stake user profile details.

The company emphasized that passwords and funds remain safe and that there is no evidence of unauthorized access to Stake’s platform itself. The main impact, Stake says, is exposure of personal data that could be used to craft convincing scams.

What was exposed and why it matters now

Stake says Mixpanel confirmed the compromised dataset included usernames, email addresses, dates of birth, and phone numbers. Mixpanel has described the incident as stemming from an SMS phishing (“smishing”) campaign that led to unauthorized access and data export affecting a limited number of customers.

That combination of data is especially useful for criminals: even without passwords, it can fuel targeted phishing (fake “account verification” messages, login alerts, or withdrawal prompts), SIM-swap attempts, and waves of spam. Stake is urging users to stay cautious and to strengthen account security with passkeys or, where unavailable, two-factor authentication.

What Mixpanel is and why it’s in the spotlight

Mixpanel is a product analytics platform used by many digital services to understand user behavior and improve funnels, retention, and UX. In practice, that often means the analytics vendor can store or process identifiers like emails (or other profile fields) alongside event data, which makes it a high-value target for attackers.

The same Mixpanel incident has been referenced by other companies in recent weeks. For example, OpenAI disclosed that Mixpanel informed them of unauthorized access and export of a dataset containing limited customer-identifiable and analytics information tied to some API users, and it warned impacted users to be vigilant about phishing.

Source: https://t.me/reg2bet/6897