Tanaya Macheel reports on what appears to be a very costly attack that involved bribing overseas agents:
Coinbase on Thursday reported that cyber criminals bribed overseas support agents to steal customer data to use in social engineering attacks. The incident may cost Coinbase up to $400 million to fix, the company estimated.
The crypto exchange operator received an email on May 11 from someone claiming they obtained information about certain Coinbase customer accounts as well as other internal Coinbase documentation, including materials relating to customer-service and account-management systems, Coinbase reported in an SEC filing.
Read more at CNBC.
The company disclosed that although passwords and private keys were not compromised, the affected data included:
- Name, address, phone, and email
- Masked Social Security (last 4 digits only)
- Masked bank‑account numbers and some bank account identifiers
- Government‑ID images (e.g., driver’s license, passport)
- Account data (balance snapshots and transaction history)
- Limited corporate data (including documents, training material, and communications available to support agents)
In its blog post, the company also stated what it was doing in response to the attack, including:
- $20 million reward fund — Instead of paying the $20 million ransom, we’re establishing a $20 million reward fund for information leading to the arrest and conviction of the attackers. Email [email protected] if you have information on these bad actors.