- The attacker received a bribe for supporting employees to access internal tools.
- The $ 20 million ransom demand has been redirected as a reward fund.
- New protection is ahead of the S & P 500.
Coinbase unveiled a cyber attack related to overseas contractors, resulting in serious data leaks that affect less than 1% of monthly active users.
Although the funds, passwords, or personal keys were not exposed, the attacker extracted access and sensitive customer information to the internal system.
The incident is increasing concern about the internal threat of the centralized encryption platform, and it comes at an important moment as Coinbase is prepared to include in the S & P 500 index.
The company has begun to protect new users and expects up to $ 400 million.
The bribery contractor has activated access.
This violation was caused by the adjusted social engineering efforts that a group of overseas contractors received bribes to give an attacker on the internal tools.
Coinbase did not specify the relevant country, but I confirmed that the Coinbase Prime account used by the institution was not affected.
The attacker has obtained partial banking information, address, phone number and mask social security numbers with the goal of disguising the platform and extracting additional assets through phishing.
Coinbase warned that this information was aimed at users of subsequent fraud by posing as a legitimate support agent.
$ 20 million in ransom has been rejected.
After the violation was found, the attackers demanded $ 20 million to pay silence.
Coinbase has switched to reward funds to refuse demand and help to track the person in charge.
The company currently offers up to $ 20 million for information that leads to the attacker’s arrest and conviction.
Coinbase also participated in the blockchain analysis company to flag the address connected to the attacker, frozen potential theft assets, and monitored the flow of funds.
The US and overseas law enforcement agencies have been warned to pursue criminal charges.
New protection has been deployed
Coinbase has implemented some new security protocols to limit future attacks and ease the risk of violations.
This includes additional ID verification, real -time fraudulent alarms, and enhanced investigations of high risk accounts during the withdrawal.
In the United States, a new customer support hub has been released to reduce third -party outsourcing.
Internally, Coinbase has enhanced my rich threat detection and now runs a continuous red test.
If you succeed in success using the stolen data, we are making the affected customer a “whole” and considering a potential immunity claim.
List in S & P 500 Spotlight
This disclosure was made a few days before Coinbase entered S & P 500, so it became the first encryption company to achieve differentiation.
The analyst is expected to increase the investigation of Exchange’s security infrastructure and operational elasticity at the expected cost of violating $ 180 million to $ 400 million.
Coinbase said that a complete evaluation of losses, legal claims and potential recovery is in progress, but this case emphasizes the problems faced by the centralized exchange faced by the centralized exchange to protect user data against external and internal threats.