Coinbase released a hack notification this week stating that at least 6,000 user accounts were victims of hackers. The exchange stated that the breach occurred between March and May of this year.
what we know
The message indicates that unauthorized third parties exploited Coinbase’s SMS account recovery process and transferred users’ funds to accounts outside Coinbase. However, the company added that in order to do this, those third parties must have email addresses, passwords, and phone numbers – in addition to email access.
Coinbase believes that users have fallen victim to a phishing attack, or equivalent, in order to disclose this information, and that there is no evidence to support that the information was taken directly from Coinbase. The exchange states that the account recovery protocols around SMS were updated after Coinbase detected the issue.
The letter closes that some accounts have already been paid and that all accounts will be fully compensated equivalent to any losses incurred. The letter was also posted on the California attorney general’s website.
Since going public earlier in the year, COIN has faced substantial headwinds, with less-than-stellar stock market performance. | Source: NASDAQ: COIN on TradingView.com
Related reading | Bitcoin price takes off with a 10% move, but is this the start of more?
safety first
While the amount of hacked cryptocurrencies has yet to be revealed, Coinbase’s immediacy of recovering users’ funds is reassuring, but it comes at a time when a number of stories have made headlines about the hacks and vulnerabilities.
In recent days, Compound Finance released a governance rule containing a small portion of faulty code that resulted in improper token distribution, putting over $80 million worth of COMP tokens at risk. Just a few days ago, the DeFi Protocol pNetwork lost more than $12 million to hackers.
It’s also not the first difficult situation for Coinbase lately either. Last week, pressure from the Securities and Exchange Commission (SEC) was enough to completely sideline the company’s expected interest-generating product, Lend. It came just a few weeks after a blog post and corresponding long-running tweets from Coinbase CEO Brian Armstrong, expressing frustration in communications with the Securities and Exchange Commission, called the agency “superficial.”
In addition, the major cryptocurrency exchange has faced challenges with the effects of potential infrastructure legislation and the USDC drama in recent months.
Crypto’s safety and security have improved greatly over time, but that doesn’t mean no one is at risk. Our team at NewsBTC always reminds you to use two-factor authentication, ideally via an authenticator, not to share the initial gateway, to use platforms you trust, and to look out for suspicious emails that might attempt phishing.
Related reading | Polygon founder says Ethereum is set to replace Bitcoin as the global standard
Featured image from Pexels, Charts from TradingView.com