Coinbase, the USA’s largest cryptocurrency exchange with more than 100 million users, has confirmed that it was recently the target of a cyber attack. The firm has revealed that cybercriminals working with rogue support agents stole the data of users and demanded a ransom not to release the stolen information.
A recent cyber attack cost Coinbase nearly $400 million
Coinbase co-founder and CEO Brian Armstrong has revealed in a video that cyber attackers demanded a ransom of $20 million, which the company has refused to pay. Instead, the firm is offering a reward of the same amount for information leading to the arrest and conviction of those responsible.
The cyber attack will cost Coinbase somewhere between $180 million and $400 million. The company has revealed this information in a filing with the US Securities and Exchange Commission.
Coinbase said this figure came from “remediation costs and voluntary customer reimbursements.” However, this figure could change as a result of “potential losses, indemnification claims, and potential recoveries.”
Rogue support agents helped the hackers
The cryptocurrency exchange has revealed that unknown cyber threat actors paid off a small group of outsourced support agents of the platform. They used these agents to access and steal information from internal customer support systems. Notably, the breach affected less than 1 percent of monthly transacting users.
As per reports, the hackers stole customer data, including names, addresses, phone numbers, and emails. Furthermore, they stole masked social security numbers, masked bank account numbers, some identifiers, government ID photos, account balances and transaction history, and limited internal documents as well as communications.
Coinbase stated that cyber attackers did not compromise any login credentials, 2FA codes, private keys, or user funds directly. However, some users fell victim to misleading information and voluntarily sent crypto to the hackers. The company’s CEO has warned that the hackers may utilize the stolen data in an attempt to launch social engineering attacks. This means they can impersonate Coinbase to trick some customers into transferring their funds.
It’s important to note that Coinbase will reimburse customers misled into sending funds to the attacker. The company has laid off the staff members who collaborated with the hackers. Also, Coinbase told its customers to expect further attempts from attackers in the future and advised them to be vigilant.
