Coinbase-Hack reveals the crypto susceptibility to the old school: bribery

Coinbase Global (coin) often advertises how “the financial system of the future builds up”, but last week the exchange of cryptocurrency made it disclosed, which emphasized how vulnerable it was for a very old -fashioned form of crime: bribe.

Cyberattackers have accessed addresses, addresses, state images, transaction history and accounts of customer images that made less than 1% of its monthly transactions from users, said Coinbase and demanded a ransom payment of $ 20 million.

How did criminals get this information? According to the company by briberating customer service employees in retail in India.

The disclosure of data injuries interrupted a coronation moment for Coinbase when they followed the S&P 500 (^GSPC) after a pioneering acquisition of crypto options Exchange Deribit for 2.9 billion US dollars.

Bloomberg reported on Monday that the Ministry of Justice is now investigating the hack. Paul Grewal, the company's Chief Legal Officer, said Bloomberg that Coinbase made the matter aware of the Doj and that the company itself is not examined.

The Coinbase share fell by 7%on the day of the announcement. Since then it has recovered and has declined around 1% compared to his closing course the day before the violation.

Nasdaqgs – delayed quote USD

At the end: May 21 at 4:00 p.m.

Devin Ryan, head of financial technology research at Citizens Financial Group (CFG), does not see the violation as “as a fundamental problem with the company, but rather as meals that you now have to take the consequences and hopefully have to learn”.

“This is a topic that works out from employees and also from a process,” added Ryan.

As early as December 26, 2024, the criminals began to overthrow the names and addresses of Coinbase customers. According to the submission, around 69,461 people affected now have a higher risk of identity theft or fraud.

The company immediately dismissed workers who looked at customer data inappropriately, expanded fraud protection and, according to a SEC registration, already notified the customers in December.

The CEO of Coinbase, Brian Armstrong, published a video about X last week with the violation, in which he explains that Coinbase instead of paying the ransom, but rather a reward or premium premium of $ 20 million for information on the arrest and conviction of the attackers.

He also said the company alerted affected customers and plans to reimburse those affected and to move part of his support operations.

Brian Armstrong, CEO of Coinbase, speaks at a stand with a crypto rally in Los Angeles in 2024 (Jason Armond/Los Angeles Times about Getty Images) · Jason Armond about Getty Images

“No, we won't pay for your ransom,” said Armstrong, addressing the attackers during the video.

A preliminary estimate of the cost of the incident is “approx. 180 to 400 million US dollars,” said Coinbase in a Secl.

In the crypto world there is concern that large account holders could become targets of physical attacks.

Reports about attacks that generally target crypto numbers have risen this year. A public database created by Jameson Lopp, co-founder and Chief Security Officer of the Bitcoin security provider Casa, shows 23 physical attacks against crypto people and companies worldwide this year.

Although not every physical attack is reported, this number is almost three times as high as in the same period of the previous year.

It is also by far the highest number since the database started tracking such incidents in December 2014 when Bitcoin was much less popular and valuable.

Three of this year's attacks were tried to kidnap kidnapping from crypto executives or their relatives in France, including two in which the victims had lost a finger when their kidnappers were looking for both ransom and access to their crypto money exchanges.

Bloomberg has reported that a prominent coinbase customer has already been made to hand over money and quoted an artist in Los Angeles who told the news agency that he had lost $ 2 million.

The two biggest competitors of Coinbase-Binance and octopuses in the USA-Hatten “social engineering” attacks, but both have repaid data injuries from similar attacks, said Bloomberg.

“Although Coinbase may be the world worldwide when it comes to granting people access to crypto, there are many aspects of their business practice that are likely to be based on the practices of traditional organizations,” said Evin McMullen, co-founder of AI-Operated Digital Identity Project Privado ID, to Yahoo Finance.

Armstrong provided more details about his thoughts about the incident this week when he replied to a contribution by Techcrunch founder and self-proclaimed coin base investor Michael Arrington, who claimed that the data injury would “lead to people die”.

“The data has not yet been unloaded in the dark network. We will see if that applies,” said Armstrong as part of a lengthy answer to Arrington on Tuesday.

The CEO also showed doubts that the use of customer service employees was to blame overseas.

“The location of the support agents that I do not believe is a perfect solution because the quantities they offered were also powerful for people in parts of the USA, but it is possible that it could be helpful,” he added.

A Coinbase spokesman said that Armstrong's comments are still keeping.

David Hollerith is a senior reporter from Yahoo Finance, covers banking, crypto and other financial areas.

Click here to change the latest stock exchange messages and events to move the share prices

Read the latest financial and business news from Yahoo Finance

Leave a Comment Cancel reply