Coinbase has sent breach notification letters to at least 6,000 customers, informing them that hackers stole their funds.
Crypto exchange Coinbase has disclosed that between March and May 2021, third parties gained unauthorised access to the accounts of Coinbase customers and moved customer funds off the Coinbase platform.
“In order to access your Coinbase account, these third parties first needed prior knowledge of the email address, password, and phone number associated with your Coinbase account, as well as access to your personal email inbox,” the firm explained in a breach notification letter.
“While we are not able to determine conclusively how these third parties gained access to this information, this type of campaign typically involves phishing attacks or other social engineering techniques to trick a victim into unknowingly disclosing login credentials to a bad actor.”
There has been no evidence to suggest that third parties obtained this information from Coinbase itself. However, it appears that threat actors were able to exploit a vulnerability to bypass the company’s SMS multi-factor authentication security feature.
The crypto exchange has since updated its SMS Account Recovery protocols.
Coinbase informed its customers that it would reimburse the full value of their losses and provide free credit monitoring to those affected.
The exchange has also been working closely with law enforcement to support its investigation into the threat actors behind this incident. An internal investigation is currently underway.