A Cryptocurrency Exchange Coinbase with more than 100 million customers revealed that a recent data violation in which cyber criminals stole customer and corporate data and affected 69,461 persons.
In data violation notifications Filed With the office of the Main’s Attorney General, the Coinbase said, “A small number of individuals, performing services for the coinbase at our foreign retail support locations, reached the customer information improperly.”
While exposed data, people affected have not included passwords, seed phrases, private keys, or other information that could be used to reach their funds or accounts, including a combination of individual identifiers such as name, date, date of birth, final four digits of social security number, masked bank account number and some bank account identification, address, phone numbers and email addresses.
Based on the affected customer, the stolen information may also contain images of government identity information (eg, driver’s license number, passport number, national identity card number) and account information (including transaction history, balance, transfer, account opening date).
“Attackers seek this information as they want to conduct social engineering attacks, using this information that the victims look reliable to move their money to look reliable,” the coinbase warns.
Disclosure comes after many Gave voice to their concern This phenomenon can lead to serious consequences, including physical damage, cyber criminals affected by this data breech after receiving access to customers account balance and address.
Damage can reach $ 400 million
On Thursday, the Coinbase revealed the data breech in filing with the US Securities and Exchange Commission that the danger actors behind the attack obtained a customer data up to 1% of the customer base of the coinbase with the help of assistant employees or contractors outside the United States.
The attackers also sent an email on 11 May, which attempted to pay $ 20 million ransom in exchange for not releasing the stolen information online. However, the Crypto Exchange stated that it would not pay the ransom, but will install a reward of $ 20 million for tips that can help find and judge the attackers coordinating this attack.
While the coinbase is still assessing the financial impact of the breech and assessing the number of customers who were cheated in sending funds to the attackers in the follow-up social engineering attacks, the company is still unknown, the company said the resulting expenses “would be for the remedial and customer refrand” within the range of $ 180 million to $ 180 million.
The company said, “The coinbase will voluntarily reimburse retail customers, who accidentally sent the money to the scammer as a direct result of the incident, before the date of this post, after a review to confirm the facts, after a review,” the company said.
Coinbase recommends customers to be cautious with scammers imposing their employees, who can try to get money or sensitive information such as passwords or 2FA codes. If contacted, hang, as the account will never ask the account details on the phone. To further promote safety and to protect against such attacks, activate permission to return and enable two-factor authentication.
Based on the analysis of 14M malicious tasks, search for the top 10 MITERAT & CK techniques behind the 93% attacks and how to defend them against them.
