Coinbase Customer Info Stolen by Bribed Insiders
Insider threat is a major problem and getting worse all the time.
Coinbase, the largest US-based cryptocurrency exchange, has disclosed a major data breach involving bribed overseas customer support agents who stole sensitive customer information. The attackers demanded a $20 million ransom, which Coinbase refused to pay. Instead, the company has offered a $20 million reward for information leading to the arrest and conviction of the perpetrators.
Coinbase says that the insiders only compromised about one percent of their customers’ data. Data stolen includes “masked” bank account data, internal documents, partial socials, government ID images, names, addresses, transaction history .
They did NOT get access to login info, private keys and crypto wallets.
Coinbase refused to pay the ransom and customers who were compromised will be reimbursed, they say.
The Coinbase response was unusual.
When their CEO announced the breach, he admitted that they could do better, said they were not going to pay the demanded $20 million ransom, admitted that they could lose a few customers and posted a $20 million bounty on the heads of the hackers.
Pretty refreshing. I hope more CEOs follow suit.
If you need assistance managing insider threat, please contact us.
Credit: Hackread
by 