American cryptocurrency exchange Coinbase was hacked, the company said in a release, adding that cybercriminals stole from at least 6,000 customers’ accounts. Coinbase operates remote-first and does not have a physical office. The cyberattack was committed between March and May 2021.

According to a breach notification letter sent by Coinbase to its affected customers, an unauthorized third party took advantage of a flaw in the company’s SMS account recovery process to gain access to the accounts and transfer funds to crypto wallets not associated with Coinbase.

Even if a hacker has access to a customer’s credentials, they can’t log in to an account if the customer has enabled multi-factor authentication.

When you turn on multi-factor authentication, you can’t log in to an account until you enter a One-Time Password (OTP) sent through an authenticator app or SMS text.

The third party took advantage of a flaw in Coinbase’s SMS Account Recovery process to receive an SMS two-factor authentication token and gain access to customer accounts.

The third party also had full access to the accounts, and customers’ personal information was exposed, including their full name, email address, home address, date of birth, IP addresses for account activity, transaction history, account holdings, and balances.

Phishing attacks or other social engineering techniques could have been used to trick a victim into unknowingly disclosing login credentials to a bad actor.

The company said that it has fixed the flaw and has worked with the affected customers to help them regain control of their accounts and to reimburse the funds they lost.

The company is depositing funds in affected customer accounts equal to the stolen amount.

Customers are now advised to change their email and Coinbase account passwords and to enable MFA.

Customers should remain careful about targeted phishing emails or SMS texts that attempt to steal credentials using information exposed in the breach.

Meanwhile, this is not the first time Coinbase’s customers have faced issues due to flaws in its MFA system. In August, Coinbase notified 125,000 customers that their two-factor authentication settings had changed, but the exchange later said that the notification was sent by mistake.