Coinbase, the largest US-based crypto exchange by trading volume, just disclosed a cyber attack that relied on bribing exchange employees.
In a cybersecurity incident report to the U.S. Securities and Exchange Commission (SEC), Coinbase says hackers bribed multiple employees to share information about customer accounts and internal Coinbase documentation.
The exchange believes it will pay $180 million to $400 million in remediation costs and voluntary customer reimbursements.
-->“While the Company is still investigating the affected data, it included:
- Name, address, phone, and email;
- Masked Social Security (last 4 digits only);
- Masked bank-account numbers and some bank account identifiers;
- Government-ID images (e.g., driver’s license, passport);
- Account data (balance snapshots and transaction history); and
- Limited corporate data (including documents, training material, and communications available to support agents).”
Coinbase learned of the hack by receiving a May 11 email demanding a $20 million Bitcoin (BTC) payoff to prevent the hackers from releasing the illegally obtained info.
Coinbase says that the employees involved have been fired, that the firm will not pay the hackers’ ransom and that it is cooperating with law enforcement in the investigation.
In a video posted to the social media platform X, CEO Brian Armstrong promises Coinbase will pay back those affected, increase cyberattack defenses, and relocate certain overseas customer support operations. Armstrong claims that the bribed Coinbase employees were all “overseas support agents”.
Coinbase (COIN) stock has fallen over 4 since the news broke.
Follow us on X, Facebook and Telegram
