Coinbase does not plan to look at a ransom request of $ 20 million in pirates who have framed customer information from international support agents, the company announced on Thursday.
Instead, Coinbase offers a reward of $ 20 million for information leading to the arrest and the conviction of these pirates, who welded “weak links” found on the Customer-Monn Customer Support team social media site X.
“Our assistance tools have limited access to customer information. There were (no) passwords or private keys or funds accessible as part of this, but customer support agents have access to personal information such as name, date of birth, address, etc., “said Armstrong. “The attackers always want access to this information because it allows them to carry out social engineering attacks, where they can call our customers, by usurping the identity of Coinbase customer support and try to encourage them to send their funds to the attacker.”
Social engineering attacks, which circumvent technical defenses by manipulating people in the abandonment of private information, represents 70% to 90% of cyber attacks, according to the Cybersecurity Software Company Secure. PHISHING AND SMISHING – PHISHING SMS COUSIN – are common cases of social engineering attacks.
Thanks to some “bad apples”, the information disclosed from Coinbase included names, addresses, telephone numbers and email addresses; Masked social security numbers; Masked bank account numbers; Driving and passport license photos; and the stories of balance and transactions, according to A business blog article.
The incident – that Coinbase learned from an attacker’s email demanding a ransom – could cost the exchange up to $ 400 million, according to a securities depositBetween security problems and customer reimbursement.
Consequently, the company will move some of its customer support operations, including by opening a new support center in the United States
Coinbase has ended all the staff involved and implemented increased fraud monitoring protections, according to the file, and informed customers whose information was potentially accessible.
“For these extremely extremely expanses or anyone looking to harm Coinbase customers, know that we will continue and reflect you in court,” said Armstrong in his video on X.
Cyber-incident comes in what is otherwise a big week for Coinbase. He announced Wednesday that he would join the S&P 500 on May 19 – the first exchange of Crypto to do so – and The New York Times said Thursday that the exchange was under investigation by the Securities and Exchange Commission for having allegedly destroyed the verified users.
“This is an investigation to maintain the previous administration on a metric that we stopped reporting two and a half years ago, which was entirely disclosed to the public,” said legal director Paul Grewal in a statement sent by email to bank diving. “We have explained that the metric of verified users includes anyone who checked their email address or your phone number with us, which can overestimate the number of unique customers.”
“We have also disclosed – and continue to disclose – the most relevant metric of the monthly transaction users ” – the number of people who use our platform in a given month. Although we firmly believe that this investigation should not continue, we remain determined to work with the dry to end this case,” said Grewal.
Cornerbase first trimester deposit Indicates that the company has 9.7 million MTU. By this metric, the Sunday cyber-incident affected up to 97,000 people.
