The Nasdaq-listed cryptocurrency exchange Coinbase has disclosed that at least 6,000 users were victims of a hacking campaign to gain unauthorized access to the accounts of Coinbase customers. The hackers also took advantage of a flaw in Coinbase’s SMS Account Recovery process to gain access to user accounts.
Cryptocurrencies of at Least 6,000 Coinbase Customers Stolen by Hackers
Cryptocurrency exchange Coinbase reportedly informed over 6,000 customers this week that their accounts had been compromised and funds were removed. A copy of the letter is posted on the website of California’s Attorney General. In the letter, the exchange explained:
Unfortunately, between March and May 20, 2021, you were a victim of a third-party campaign to gain unauthorized access to the accounts of Coinbase customers and move customer funds off the Coinbase platform. At least 6,000 Coinbase customers had funds removed from their accounts, including you.
In order to access a user account at Coinbase, the hackers needed to know the email addresses, passwords, and phone numbers linked to the accounts, and have access to a personal email inbox, the company said. “This type of campaign typically involves phishing attacks or other social engineering techniques to trick a victim into unknowingly disclosing login credentials to a bad actor.”
Coinbase further explained that “for customers who use SMS texts for two-factor authentication, the third party took advantage of a flaw in Coinbase’s SMS Account Recovery process in order to receive an SMS two-factor authentication token and gain access to your account.”
The exchange noted that once the hackers got into the affected user accounts, they were “able to transfer your funds to crypto wallets unassociated with Coinbase.”
The letter also noted that Coinbase updated its SMS Account Recovery protocols as soon as it learned of the issue, adding:
We will be depositing funds into your account equal to the value of the currency improperly removed from your account at the time of the incident. Some customers have already been reimbursed — we will ensure all customers affected receive the full value of what you lost. You should see this reflected in your account no later than today.
The Nasdaq-listed crypto exchange also said that it is conducting an internal investigation into this incident and the company is working closely with law enforcement to find the individuals behind this hack.
Nonetheless, Coinbase insisted, “We have not found any evidence that these third parties obtained [user] information from Coinbase itself.”