Shuffle Says Third-Party CRM Breach Exposed User Data, Warns of Phishing Risk

Overview

• Founder Noah Dummett said the incident stemmed from CRM provider Fast Track and likely affected a majority of users.
• Shuffle reports that contact details collected through the CRM were exposed, and it cautions users about targeted phishing attempts.
• The platform says it will not request passwords or payments over email and is advising users to avoid suspicious links and monitor accounts.
• An investigation is underway to determine the breach’s origin, and Shuffle plans to swap CRM providers and tighten third‑party system access.
• With Shuffle ranked among the top ~15,000 global sites, the potential reach is significant, underscoring a broader industry problem of off‑chain vendor vulnerabilities and social‑engineering threats.