Coinbase Admits Getting Compromised: At Least 6,000 Users Affected

The largest US-based cryptocurrency exchange has admitted to being exploited earlier this year when hackers stole assets from approximately 6,000 users. The company vowed to reimburse all affected users.

  • According to a copy of the letter sent to the affected customers, which was available on the website of California’s Attorney General, the exploits took place somewhere between March and May 20th this year.
  • The letter states that an unauthorized third party had gained access to the accounts of at least 6,000 Coinbase clients and drained an undisclosed amount of funds from them.
  • The exchange explained that the security breach became possible because the perpetrators had “prior knowledge of the email address, password, and phone number” associated with each account.
  • The letter said that Coinbase has failed to determine how “these third parties gained access to this information.” It explained that these types of activities typically involve phishing attacks or other social engineering techniques to “trick a victim into unknowingly disclosing login credentials to a bad actor.”
  • Coinbase asserted that even with access to the aforementioned information, the perpetrators would still need additional authentication to access the accounts. However, the two-factor authentication through SMS texts had a flaw, which they were able to exploit.
  • “The third party took advantage of a flaw in Coinbase’s SMS Account Recovery process in order to receive an SMS two-factor authentication token and gain access to your account.”

  • Ultimately, the perpetrators were able to transfer the funds out of the compromised accounts.
  • The exchange promised it had upgraded its authentication and other security protocols. Additionally, Coinbase vowed to deposit funds into the affected account “equal to the value of the currency improperly removed” during the time of the incidents.
  • Some customers have already received the reimbursement, while the remaining reimbursements should be completed “no later than today.”
  • It’s worth noting that these incidents took place at approximately the same time that the giant exchange became a publicly traded company. Coinbase’s shares went live for trading on Nasdaq in April this year.