The Nasdaq-listed cryptocurrency exchange Coinbase has disclosed that at least 6,000 users were victims of a hacking campaign to gain unauthorized access to the accounts of Coinbase customers. Hackers also took advantage of a loophole in Coinbase’s SMS account recovery process to gain access to user accounts.
Cryptocurrencies of at Least 6,000 Coinbase Customers Stolen by Hackers
Cryptocurrency exchange Coinbase reportedly informed over 6,000 customers this week that their accounts had been compromised and funds were removed. A copy of the letter is posted on the California Attorney General’s website. In the letter, the exchange explained:
Unfortunately, between March and May 20, 2021, you were a victim of a third-party campaign to gain unauthorized access to the accounts of Coinbase customers and move customer funds off the Coinbase platform. At least 6,000 Coinbase customers have had funds withdrawn from their accounts, including you.
In order to access a user account at Coinbase, the hackers needed to know the email addresses, passwords, and phone numbers linked to the accounts, and have access to a personal email inbox, the company said. “This type of campaign usually involves phishing attacks or other social engineering techniques to trick a victim into unknowingly disclosing their login details to a bad actor.”
Coinbase further explained that “for customers who use SMS texts for two-factor authentication, the third party took advantage of a flaw in Coinbase’s SMS Account Recovery process in order to receive an SMS two-factor authentication token and gain access to your account.”
The exchange noted that once the hackers entered the affected user accounts, they were “able to transfer your funds to crypto wallets not associated with Coinbase.”
The letter also noted that Coinbase updated its SMS Account Recovery protocols as soon as it learned of the issue, adding:
We will deposit funds into your account equal to the value of the currency incorrectly withdrawn from your account at the time of the incident. Some customers have already been reimbursed — we will ensure all customers affected receive the full value of what you lost. You should see this reflected in your account no later than today.
The Nasdaq-listed crypto exchange also said it was conducting an internal investigation into the incident and that the company is working closely with law enforcement to find the people behind the hack.
Nonetheless, Coinbase insisted, “We have not found any evidence that these third parties obtained [user] information from Coinbase itself.”
