Coinbase User Data Leaked After Insider Scam, But No Funds Stolen

Key Insights:Criminals bribed overseas agents to steal Coinbase user data.Coinbase declined the ransom and launched an internal security overhaul.Social engineering scams cost Coinbase users over $90 Million.A recent security incident exposed critical weaknesses in the overseas customer support operations of Coinbase. Criminals succeeded in accessing personal data belonging to less than 1% of the platform’s monthly transacting users.Source: XThey achieved this by bribing outsourced customer support agents, leading to a targeted social engineering scheme. The attackers then demanded $20 Million in extortion from Coinbase to cover the breach.The company declined to pay the demand, launched an investigation, reinforced its controls, and committed to reimbursing affected customers.Coinbase Data Breach: Insider Threats and Phishing RisksAccording to Coinbase, the attackers specifically targeted foreign-based support agents. Using bribes, they persuaded a limited number of insiders to extract sensitive user data from internal tools.This information included names, addresses, emails, and phone numbers. Attackers accessed masked Social Security numbers and partial bank details. They also obtained government-issued ID images and account data like balance snapshots and transaction history.A small amount of internal corporate material was also compromised, including training documents and communications. However, the attackers failed to access critical security assets.Coinbase confirmed that no passwords, private keys, two-factor authentication codes, or access to funds were compromised.Additionally, the breach did not affect Coinbase Prime clients or the company’s hot and cold wallets. The primary aim was to gather user data to facilitate phishing and impersonation scams.Coinbase Responds With Security OverhaulRather than paying the ransom, Coinbase promised to build an internal security apparatus. Customers who were affected were notified directly. The company promised to reimburse all users tricked into sending money to the attackers.Coinbase strengthened security for at-risk accounts by requiring ID checks for large withdrawals. It also added scam-awareness reminders to help users stay alert during transactions.The firm also opened another customer support hub in the United States. This initiative looks to limit the risk of such insider attacks by moving instruments of sensitive operations in-house.The system also includes improved monitoring, insider-threat detection, and automation of threat simulations. Additionally, Coinbase established a $20 million reward fund for information that can be used to identify the attackers.Law enforcement agencies in the United States and internationally have been alerted. Insider agents found to be involved were terminated and referred for criminal prosecution.Coinbase is working with law enforcement to track stolen funds. The assets have been tagged to monitor their movement.Social Engineering Losses Among Coinbase UsersCoinbase is working to resolve an internal breach. On-chain analyst ZachXBT has highlighted a larger issue affecting its users. His recent findings show that users have lost over $90 Million in just two weeks. These losses resulted from social engineering scams.Source: ZachXBT on XThese schemes specifically target Coinbase customers. They use impersonation, phishing links, and other manipulative tactics to steal sensitive data and access funds.ZachXBT, working with fellow investigator Tanuki42, has tracked this pattern over several months. Coinbase users have been the primary victims of these scams. The estimated annual losses could reach $330 Million.With past alerts, these fraudulent activities have continued to affect users adversely. In one recent example, victims lost $45 Million in a week.A similar case the week prior resulted in an additional $46 million loss. These scams typically involve attackers pretending to be Coinbase representatives, requesting urgent account updates or action from users.Ripple’s CTO, David Schwartz, had warned about a similar phishing attempt in January. He had received an email impersonating Coinbase.DisclaimerIn this article, the views and opinions stated by the author or any people named are for informational purposes only, and they don’t establish the investment, financial, or any other advice. Trading or investing in cryptocurrency assets comes with a risk of financial loss.godfrey mwirigiThe post Coinbase User Data Leaked After Insider Scam, But No Funds Stolen appeared first on The Market Periodical.