Coinbase revealed that it suffered a data breach that affected less than 1% of its active monthly users, according to the May 15 statement.
Following the hack, the exchange CEO Brian Armstrong said the perpetrators tried to extort it of $20 million in Bitcoin.
How Coinbase was breached
According to the exchange, the threat actors recruited and bribed a group of overseas support agents with access to its internal systems.
These insiders leaked sensitive data, which allowed the threat actors to impersonate Coinbase staff and carry out social engineering scams.
According to the firm, the compromised data included names, contact details, identity documents, and masked bank and social security information.
However, Coinbase stressed that its users’ login credentials, private keys, and core infrastructure, including Prime wallets, remained secure.
Meanwhile, the company has terminated the compromised insiders and vowed to pursue legal action against them. It is also working with law enforcement agencies to investigate the breach.
Coinbase further announced that it will compensate affected users.
The attackers attempted to extort $20 million from the firm following the breach. However, Coinbase rejected the demand, stating:
“We will not pay the $20 million ransom demand we received. Instead we are establishing a $20 million reward fund for information leading to the arrest and conviction of the criminals responsible for this attack.”
ZachXBT’s connection
While Coinbase has not confirmed any direct links, blockchain investigator ZachXBT noted that the breach aligns with previous social engineering attacks he has reported.
In a response to the Coinbase announcement, ZachXBT said:
“Indeed there’s a lot of Coinbase user thefts I posted tied to the group.”
Over recent months, ZachXBT has detailed how Coinbase users have collectively lost hundreds of millions of dollars to elaborate phishing and impersonation tactics. He estimated that such scams cost the exchange users more than $300 million yearly.
However, Wintermute CEO Evgeny Gaevoy believed the current rigid regulatory frameworks allowed these attacks to flourish.
According to him:
“This is the dark side of the idiotic and nonsensical kyc/aml regime we live in. Making life marginally convenient for law enforcement and geopolitical games, while sacrificing our privacy, imposing a massive tax on pretty much all businesses, and making it easier for criminals to rob, kidnap and do crime.”
The post Coinbase resists $20 million Bitcoin ransom demand after insider-led data breach appeared first on CryptoSlate.
Coinbase revealed that it suffered a data breach that affected less than 1% of its active monthly users, according to the May 15 statement. Following the hack, the exchange CEO Brian Armstrong said the perpetrators tried to extort it of $20 million in Bitcoin. How Coinbase was breached According to the exchange, the threat actors
The post Coinbase resists $20 million Bitcoin ransom demand after insider-led data breach appeared first on CryptoSlate. Crime, Exchanges, People, Technology, Coinbase, Zachxbt CryptoSlate
