IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

Coinbase notifies 6,000 customers of data breach

Hackers exploited a 2FA flaw to steal hundreds of thousands in cryptocurrency

Coinbase has sent out letters to 6,000 customers informing them that of a data breach that led to hackers wiping cryptocurrency accounts.

The letter was sent months after customers started complaining that their accounts had been wiped, with CNBC reporting that the cryptocurrency exchange platform, which has 68 million users, had been criticised for lack of action regarding the heist.

Late last week, Coinbase confirmed that, between March and May 2021, 6,000 US customers had fallen victim to “a third-party campaign to gain unauthorized access to the accounts of Coinbase customers and move customer funds off the Coinbase platform”.

The funds were transferred to crypto wallets unassociated with Coinbase, the company stated in the letter, making the transactions impossible to retract. Some customers reported losing even $168,000 (£123,655), according to CNBC.

Not only did the threat actors manage to steal hundreds of thousands worth of cryptocurrency, but they also obtained personal information such as “full name, email address, home address, date of birth, IP addresses for account activity, transaction history, account holdings, and balance”.

The hackers managed to exploit “a flaw in Coinbase’s SMS Account Recovery process in order to receive an SMS two-factor (2FA) authentication token”.

Related Resource

HP Wolf Security: Threat insights report

Equipping security teams with the knowledge to combat emerging threats

Skyscrapers from belowFree download

However, in order to log in to users' accounts, they would also need information such as an email address, password, and phone number associated with the account, as well as access to customers’ email account.

Coinbase told the victims that it was “not able to determine conclusively how these third parties gained access to this information”.

However, the company pointed to the probable “phishing attacks or other social engineering techniques to trick a victim into unknowingly disclosing login credentials to a bad actor”. 

“We have not found any evidence that these third parties obtained this information from Coinbase itself,” it stated in the letter, which was sent around six months after the breach took place.

Victims of the heist will be reimbursed, Coinbase said, adding that “will ensure all customers affected receive the full value of what [they] lost”. Customers were asked to change their passwords to a stronger combination that hasn’t been used on different sites.

The company is also working with law enforcement to investigate the issue, describing the status of the investigation as “ongoing”.

Featured Resources

Activation playbook: Deliver data that powers impactful, game-changing campaigns

Bringing together data and technology to drive better business outcomes

Free Download

In unpredictable times, a data strategy is key

Data processes are crucial to guide decisions and drive business growth

Free Download

Achieving resiliency with Everything-as-a-Service (XAAS)

Transforming the enterprise IT landscape

Free Download

What is contextual analytics?

Creating more customer value in HR software applications

Free Download

Recommended

Mastering endpoint security implementation
Security

Mastering endpoint security implementation

18 May 2022
The Total Economic Impact™ of Apple Mac in Enterprise: M1 update
Whitepaper

The Total Economic Impact™ of Apple Mac in Enterprise: M1 update

12 May 2022
Dell Technologies World 2022: Dell unveils fastest storage architecture in company history
Server & storage

Dell Technologies World 2022: Dell unveils fastest storage architecture in company history

4 May 2022
Dell Technologies World 2022: Dell unveils security offerings for major cloud providers
public cloud

Dell Technologies World 2022: Dell unveils security offerings for major cloud providers

3 May 2022

Most Popular

Open source packages with millions of installs hacked to harvest AWS credentials
hacking

Open source packages with millions of installs hacked to harvest AWS credentials

24 May 2022
Europe's first autonomous petrol station opens in Lisbon
automation

Europe's first autonomous petrol station opens in Lisbon

23 May 2022
Nvidia pauses hiring to help cope with inflation
Careers & training

Nvidia pauses hiring to help cope with inflation

23 May 2022