Crypto exchange Coinbase was the target of an attack that resulted in stolen customer data and potentially $400 million in damages.
The company reported that a group of bad actors had been approaching its overseas contractors for months, attempting to bribe them into releasing customer information.
Once the criminals succeeded, they threatened to leak the data unless Coinbase paid a $20 million ransom in bitcoin. Although the company refused to pay and notified law enforcement agencies, it has decided to cover reimbursement expenses ranging from $180 million to $400 million for customers who have been or may be scammed by bad actors using the stolen data.
Coinbase noted that no passwords, private keys, funds, or Coinbase Prime accounts were compromised, and that less than 1% of its monthly transacting users were impacted by the attack. Additionally, the company announced a $20 million reward for information leading to the arrest and conviction of those responsible for the scheme.
A Prime Target
Employees have increasingly become targets for cybercriminals aiming to gain access to company data.
Financial organizations are prime targets because they hold troves of personal and financial data—this is why hackers targeted the U.S. Office of the Comptroller of the Currency, which monitors the activities of all U.S. financial institutions and has significant access to highly sensitive information.
As the largest crypto exchange in the U.S., Coinbase has leveraged the surging interest in digital assets by making large acquisitions and introducing new technologies. Given the company’s global scale, the likelihood that Coinbase would become a target for criminals has increased.
Intensifying the Vetting Process
Attacks designed to manipulate consumers or employees into revealing protected data have become increasingly creative, making fraud an issue that businesses can no longer afford to ignore.
Coinbase noted that after detecting the breach, it terminated the employees involved, warned impacted customers, and beefed up its fraud defenses.
Another ramification of this attack is that it will likely prompt the crypto exchange—and other financial services companies—to reevaluate contractor relationships and more thoroughly vet the employees who have access to protected customer data.
