- Rogue Coinbase support staff leaked user details to cybercriminals.
- The exchange said user funds are not affected.
- Critics say the breach shows the dangers of KYC.
Coinbase is reeling from a data breach that the crypto exchange says could cost it up to $400 million in customer remediation, according to a filing with the Securities and Exchange Commission
In a blog post on Thursday, Coinbase revealed a security breach that affected 1% of its monthly transacting users.
The company did not elaborate on the exact number of affected users.
The breach wasn’t a case of using sophisticated code to hack Coinbase; instead, it was a good old-fashioned bribe.
Login details
The bad actors ensnared a group of overseas customer support staff with cash offers in exchange for customer information, including personal identifying information like names, addresses, phone numbers, and partial authentication data.
However, the breach did not expose login details or private keys needed to access funds directly from user accounts.
Still, criminals can use the leaked details to launch social engineering attacks designed to trick unsuspecting victims into surrendering access to their funds.
CEO Brian Armstrong released a video statement on X in response to the incident. Armstrong said the company received a $20 million ransom note in exchange for not leaking the exposed database of customer information.
Armstrong said the company refused the ransom.
Arrest and conviction
“We are putting out a $20 million reward for any information leading to the arrest and conviction of these attackers,” Armstrong said.
The Coinbase CEO seemed to cast the incident as a criminal conspiracy, as he dubbed the attackers “extortionists” and their conspirators among the support staff as “bad actors” who have since been fired.
But crypto influencer Adam Cochran was among those with other theories, saying the incident was more of a technical failure that highlighted serious oversights in Coinbase’s employee vetting and data access controls.
Some critics also said the incident highlighted the need to do away with know-your-customer, or KYC rules, which require banks and other financial firms to vet clients and weed out suspected criminals.
For others, the timing of the Coinbase incident is unnerving.
Crypto users, already on edge after a string of violent robberies, abductions, and home invasions targeting cryptocurrency owners, could now face the added risk of having sensitive information floating in the hands of bad actors.
Osato Avan-Nomayo is our Nigeria-based DeFi correspondent. He covers DeFi and tech. Got a tip? Please contact him at osato@dlnews.com.
