In recent days, Coinbase, the largest U.S.-based cryptocurrency exchange, has fallen victim to a major cyberattack. Hackers allegedly bribed employees of an external customer service provider to gain access to confidential user data and demanded a $20 million ransom in exchange for not disclosing the information.
According to Coinbase, the attackers obtained sensitive personal information, including names, addresses, phone numbers, partial Social Security numbers, and images of identity documents such as passports and driver’s licenses. Although they did not gain access to passwords, private keys, or users’ funds, the stolen data could be used to carry out phishing attacks by impersonating Coinbase employees to defraud customers.
The breach affected less than 1% of Coinbase users—approximately 97,000 individuals. The company has pledged to fully reimburse any customers who fall victim to scams resulting from the breach.
“Based on public reports and filings submitted to regulators, the breach likely resulted from actions by external contractors or trusted internal employees who were manipulated into providing access to sensitive internal systems and customer data,” said Oded Vanunu, Chief Technologist for Web 3.0 and Head of Product Vulnerability at Check Point Research.
After receiving the ransom demand, Coinbase CEO Brian Armstrong refused to pay and instead offered a $20 million reward for information leading to the identification and arrest of the perpetrators. Employees implicated in the leak were immediately terminated, and the company is cooperating with law enforcement to bring those responsible to justice.
“In the world of cryptocurrencies, trust is critical. Once attackers gain access to an organization’s internal systems, the consequences can escalate rapidly due to the irreversible nature of blockchain transactions and the high value of access to infrastructure and developer resources,” added Vanunu.
Coinbase announced plans to open a new U.S.-based customer support center and implement additional security measures to prevent similar breaches in the future. The total cost of the incident, including recovery efforts and customer compensation, is estimated to range between $180 million and $400 million.
Following the disclosure of the attack, Coinbase shares dropped by over 7%, delivering a significant blow to the company just as it was preparing for inclusion in the S&P 500 index.
Source: CEO.com.pl – Coinbase Suffers Cyberattack: Data Breach and $20M Ransom Demand
