The $400M Coinbase Breach and the Dark Side of Crypto



The highly organized breach of cryptocurrency exchange Coinbase (COIN) last week has left more questions than answers.

While some hailed Coinbase's response as a “really good example” of dealing with a crisis, the breach has now led to a potentially massive privacy issue reminiscent of the Ledger data breach in 2021, which led to a spate of robberies around the world because criminals got hold of the names and addresses of crypto holders. Coinbase has already acknowledged that its customers may have lost nearly half a billion U.S. dollars as a result of the breach.

Cybercriminals accessed Coinbase's user data by bribing and convincing Coinbase support employees to share that data, but this was completely avoidable, according to many experts who spoke to CoinDesk.

“A failed system will make data theft impossible, but Coinbase clearly did not take these steps, leaving the door open,” Andy Zhou, co-founder of blockchain security firm Blocksec, told CoinDesk.

That criminals were able to access personal data, whether by a hack or, in this case, social engineering, is a major blight on an exchange that facilitates billions of dollars of daily volume. The breach created many issues, including for user privacy and trust. How did Coinbase, a publicly traded company, allow personal information and money to walk out the front door? And could it have been prevented?

Hackett Communications CEO Heather Dale described Coinbase's response as a “masterclass in communication,” but Coinbase's method of dealing with the issue is simple: throw as much money at it as possible.

The exchange has offered a $20 million bug bounty for anyone who reports information that leads to an arrest or prosecution. It has also committed to voluntarily reimbursing users, at a cost of between $180 million and $400 million.

What happened?

Before examining the fallout from the breach, it is important to understand how the breach happened at a publicly traded company that spends millions of dollars per month on security infrastructure.

In February, on-chain sleuth ZachXBT reported an increase in thefts involving Coinbase users. He said it was “the result of aggressive risk models and Coinbase's failure to stop its users who lose $300 (million) per year in social engineering scams.”

The fear of cybercriminals stealing millions of dollars became a reality last week when Coinbase published a blog post revealing that account balances, government ID images, phone numbers, addresses and masked bank account details were stolen.

Unlike other hacks and breaches, which involved attacks exploiting a faulty back end, these attackers entered through the front door, communicating directly with Coinbase employees and buying access to information through rogue insiders. Coinbase said it fired all the responsible employees on the spot, though it did not disclose in the blog post the technique it used to find those responsible.

The issue, however, is not confined to crypto. In 2022, digital bank Revolut confirmed that the data of 50,000 customers had been stolen, while a year later, trading platform Robinhood had up to 5 million email addresses leaked. The latter was fined $45 million by the SEC following the breach, after it emerged that a portion of customers had their accounts drained by attackers.

The BBC reported in October that one Revolut user lost £165,000 ($220,000) following a data breach and that the neobank's fraud detection system prevented £475 million in fraudulent transactions in 2023.

Coinbase competitors Binance and Kraken are said to have managed to fend off similar social engineering attacks in recent weeks.

Coinbase CEO Brian Armstrong also posted a video on X last week, saying he received a “ransom note” demanding $20 million in bitcoin in exchange for the attackers not releasing the information they claimed to have obtained on Coinbase customers.

ZachXBT added on Thursday that the attackers had begun moving the stolen funds by swapping BTC for ETH on THORChain, a venue that North Korea's notorious hacking outfit Lazarus Group often uses.

‘Main wake-up call’

Andy Zhou, co-founder of blockchain security firm Blocksec, told CoinDesk that Coinbase should conduct “more strict background checks with employees holding sensitive data” and set up “alarms for strange activity,” such as someone suddenly downloading thousands of customer profiles.

Zhou added that Coinbase should have implemented some technical solutions. These include strict role-based access, which means employees see only the data they need, or privacy tools that let them do the job without exposing raw details (for example, blurring ID photos).

Nick Tausek, security automation architect at Swimlane, told CoinDesk that the breach should be a “main wake-up call” for robust insider-threat detection.
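As an illustration of the “alarms for strange activity” Zhou describes, the following added example (not Coinbase's or Blocksec's code) flags a support agent whose daily count of distinct customer profiles far exceeds their own baseline, or who views profiles with no support ticket attached. The log schema, agent names and thresholds are assumptions, and the log rows are constructed.

```python
from collections import defaultdict
from statistics import median

# Constructed audit-log rows: (day, agent, customer_id, ticket_id or None).
def build_sample_log():
    rows = []
    for day in range(1, 8):                      # seven days of normal history
        for agent in ("agent_a", "agent_b"):
            for n in range(20):                  # 20 ticket-linked lookups per day
                cid = f"c{day}-{agent}-{n}"
                rows.append((day, agent, cid, f"T-{cid}"))
    for n in range(3000):                        # day 8: agent_b bulk-pulls profiles
        rows.append((8, "agent_b", f"bulk-{n}", None))
    for n in range(22):                          # day 8: agent_a works normally
        rows.append((8, "agent_a", f"c8-a-{n}", f"T-c8-a-{n}"))
    return rows

def daily_stats(rows):
    """Per (agent, day): distinct customers viewed and ticketless view count."""
    seen, unlinked = defaultdict(set), defaultdict(int)
    for day, agent, cid, ticket in rows:
        seen[(agent, day)].add(cid)
        if ticket is None:
            unlinked[(agent, day)] += 1
    return seen, unlinked

def alerts(rows, today, ratio=5.0, floor=50, max_unlinked=0.2):
    """Compare each agent's activity today with the median of their own history."""
    seen, unlinked = daily_stats(rows)
    out = []
    for agent in sorted({a for a, _ in seen}):
        history = [len(s) for (a, d), s in seen.items() if a == agent and d < today]
        count = len(seen.get((agent, today), ()))
        if not history or count == 0:
            continue                             # no baseline or no activity today
        baseline = median(history)
        reasons = []
        if count > max(floor, ratio * baseline): # hypothetical volume threshold
            reasons.append(f"volume {count} vs baseline {baseline:g}")
        if unlinked[(agent, today)] / count > max_unlinked:
            reasons.append("views without a support ticket")
        if reasons:
            out.append((agent, reasons))
    return out

if __name__ == "__main__":
    for agent, reasons in alerts(build_sample_log(), today=8):
        print(agent, "->", "; ".join(reasons))
```

Comparing each agent with their own history rather than a global limit keeps high-volume roles from drowning out the signal, and the ticket-linkage check catches access that has no business justification even when the volume is low.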

“As the scales and operations and operations reach time zones, discovering a threat to the insider and accessing management cannot be after

However, not everyone is piling on Coinbase.

Michal Pospieszalski, CEO of MatterFi, said it was “not a Coinbase problem, it was a systematic weakness that crypto had occurred since the day.”

He argued that the nature of sending crypto without an intermediary means that every platform is one mistake away from disaster.

Hackers need only create a situation in which they can deceive users into sending their funds in an irreversible transaction. In Coinbase's case, the attackers gained access to personal identifying information from a rogue employee.

The root issue, according to Pospieszalski, is that users do not know whether they are sending funds to the right recipient, adding that crypto runs on a “trust me, bro” model of identity verification, which is not sustainable.

What will happen next?

Coinbase said it will voluntarily reimburse customers who lost funds as a result of the breach and will continue to work with law enforcement to find those responsible. But for users, it is a darker road.

The exchange said in a regulatory filing on Wednesday that the breach affected 69,461 customers. The filing also noted that the breach took place in December 2024 and was not discovered by Coinbase until May 15.

These details are on the internet today, and can be sold on the dark web and in shady Telegram groups. After the Ledger breach, customer details were published on RaidForums, a notorious data-sharing platform, which led to increased phishing attempts.

Unfortunately, Coinbase can do nothing to stop the leaked information from being shared, leaving affected users to take as much care as possible. This includes changing wallets, changing deposit addresses on exchanges and even changing home addresses to avoid the risk of real-world thefts. Users whose Social Security numbers were leaked should also freeze their credit to prevent identity theft.

It may seem extreme, but as seen earlier this year in the attempted kidnapping of Ledger co-founder David Balland (and many other individuals over the past few weeks), criminals will not stop until they get the maximum amount of funds, even if it means resorting to brutal acts of violence.

It also raises a potential legal question: If a Coinbase customer is robbed or attacked because of the data breach, is Coinbase liable? Ledger failed to escape a proposed class action earlier this year, with plaintiffs saying Ledger violated its privacy policy and should have taken steps to prevent the breach.

Crypto researcher Molly White also pointed out that Coinbase changed its user agreement in April, adding two clauses that limit class action cases and require suits to be filed in New York, with the changes taking effect on May 15, the same day the breach was announced.

Coinbase responded to CoinDesk about White's claims, saying the exchange “informed customers well in advance” of the user agreement change and that it has had a class action waiver in place for “years.”

Coinbase did not, however, comment on questions about whether the breach was preventable or how it will protect customers who may be at risk of real-world thefts in the future.

Read more: Market Reaction to Coinbase Hack ‘Overblown,’ Say Analysts as SEC Probe Sinks Stock


