Cryptonews Bitcoin News At Least 6,000 Coinbase Clients Robbed This Spring, Exchange Reimburses Losses

At Least 6,000 Coinbase Clients Robbed This Spring, Exchange Reimburses Losses

Linas Kmieliauskas
Linas Kmieliauskas
Last updated: | 1 min read
Source: Coinbase

US-based crypto exchange giant Coinbase confirmed that between March and May 20th, 2021, a threat actor stole cryptocurrency from at least 6,000 customers after using a vulnerability to bypass the company’s SMS multi-factor authentication security feature, BleepingComputer reported, citing a Coinbase notification to customers.

Coinbase confirmed to Cryptonews.com that the notification is authentic.

In either case, on September 27, the exchange also confirmed that between April and early May 2021, their security team “observed a significant uptick in Coinbase-branded phishing messages targeting users of a range of commonly used email service providers.” Back then, the exchange said that “in a small number of cases they were able to use that information to impersonate the user, receive an SMS two-factor authentication code, and gain access to the Coinbase customer account.” However, no specific numbers were provided.

Meanwhile, per BleepingComputer, to conduct the attack, the attackers needed to know the customer’s email address, password, and phone number associated with their Coinbase account and have access to the victim’s email account. 

Also, Coinbase states a vulnerability existed in their SMS account recovery process, allowing the hackers to gain the SMS two-factor authentication token needed to access a secured account, the report said. Customers’ personal information was also exposed, including their full name, email address, home address, date of birth, IP addresses for account activity, transaction history, account holdings, and balances, it added.

Per the notification, Coinbase is depositing funds in affected accounts equal to the stolen amount and some customers have already been reimbursed.

Also, the exchange encouraged their clients to:

  • Use even stronger than SMS-based two-factor authentication, such as time-based one-time password (TOTP) or a hardware security key,
  • Change the password on your Coinbase account to a new, strong, and unique password that you do not use on any other site,
  • Monitor your personal accounts and free credit reports for any suspicious activity,
    consistent with best practices for the next 12-24 months.
     

____
Learn more: 
How to Prevent Crypto Theft – And Whom to Blame When It Does Happen 
SushiSwap’s MISO Suffers USD 3M Attack, Contract Thefts May Rise

A Tale of Two Hacks: Poly Hacker Bows Out, Liquid to Restore Operations 
Crypto Sector World’s 3rd Industry in Phishing Attacks Growth

Coinbase Crime Cryptocurrency Security

Most Popular

Bitcoin News
Veteran Trader Peter Brandt Predicts Major Bitcoin Price Action Coming Soon – Here’s the Latest
Bitcoin News
67% Nigerians Trust in Bitcoin for Life Savings than Traditional Methods: Research
Altcoin News
New US Senate Bill Could Encourage Banks to Enter Stablecoin Market: S&P Global
NFT News
Manchester City Teams Up with Quidd to Launch Digital Collectibles and Fan Experiences
Blockchain News
CoinPoker Offers Free Entry for Crypto Series of Poker Main Event
Blockchain News
What’s Happening In Crypto Today? Daily Crypto News Digest

Latest news

Bitcoin News
67% Nigerians Trust in Bitcoin for Life Savings than Traditional Methods: Research
Altcoin News
New US Senate Bill Could Encourage Banks to Enter Stablecoin Market: S&P Global
NFT News
Manchester City Teams Up with Quidd to Launch Digital Collectibles and Fan Experiences
Blockchain News
CoinPoker Offers Free Entry for Crypto Series of Poker Main Event
Blockchain News
What’s Happening In Crypto Today? Daily Crypto News Digest
Altcoin News
Crossover Markets’ Digital Asset Exchange Surpasses $3.15 Billion in Trading Volume in Q1 2024
Altcoin News
Instagram Influencer ‘Jay Mazini’ Sentenced to 7 Years in Prison for Multi-Million Dollar Crypto Ponzi Scheme

Similar News