Coinbase Discloses 6,000 Customers Lost Funds After a Hack

October 3, 2021

Cryptocurrency exchange Coinbase shared that least 6,000 users became victim of a hack that gained unauthorized access to their accounts. The hackers took advantage of a flaw in Coinbase’s SMS Account Recovery process to gain access to accounts.

According to a letter that Coinbase had sent to affected users and was shared on the website of California’s Attorney General, the hackers had secured e-mail addresses, passwords, and phone numbers associated with the impacted accounts.

“Unfortunately, between March and May 20, 2021, you were a victim of a third-party campaign to gain unauthorized access to the accounts of Coinbase customers and move customer funds off the Coinbase platform. At least 6,000 Coinbase customers had funds removed from their accounts, including you.”

Coinbase confirmed that there is no sign of any sensitive personal information taken from the exchange.

“While we are not able to determine conclusively how these third parties gained access to this information, this type of campaign typically involves phishing attacks or other social engineering techniques to trick a victim into unknowingly disclosing login credentials to a bad actor.”

The Nasdaq listed exchange has updated its SMS Account Recovery protocols “to prevent any further bypassing of that authentication process.” The exchange also said to fully reimburse affected customers.

“We will be depositing funds into your account equal to the value of the currency improperly removed from your account at the time of the incident. Some customers have already been reimbursed — we will ensure all customers affected receive the full value of what you lost. You should see this reflected in your account no later than today.”

The case is not close as Coinbase stated it will conduct a thorough internal investigation as to how this could have happened. In addition, the company is working with law enforcement to find out who was behind the hack campaign.

The post Coinbase Discloses 6,000 Customers Lost Funds After a Hack appeared first on

Go to Source
Author: Peter Siu

Author RSSBot