Crypto Giant Coinbase confirmed that its system was compromised and customer data, including government-issued identity documents, was stolen.
In a legally necessary submission to US regulators, Coinbase said this week that the hackers had obtained information about their customer accounts from the company and demanded money from the company in exchange for not releasing stolen data.
Coinbase said that hackers “get this information by gathering information from an internal Coinbase system that has access to multiple contractors or employees supporting roles outside the US to fulfill their work responsibilities.” Support staff are no longer employed, the company said.
The filing said that Coinbase’s system has detected malicious activity in the past few months and warns customers that “information may be accessed to prevent misuse of compromised information.”
Coinbase said it would not pay the hacker’s ransom. According to a social post by CEO Brian Armstrong, the hackers have asked the company for $20 million.
The company said the hackers stole the last four digits of the customer’s name, mail and email address, phone number and the user’s Social Security number. Hackers also took masked bank account numbers and some bank identifiers, as well as client government-issued identity documents, such as driver licenses and passports. The stolen data also includes account balance data and transaction history.
The company said some company data, including internal documents, were also stolen during the violation.
In a blog post, Coinbase said that violations affect less than 1% of customers. Coinbase has over 100 million customers as of 2022, according to our website.
Coinbase said it expects costs to be incurred in approximately $180 million to $400 million in connection with incident correction and customer refunds.
A Coinbase spokesman did not immediately respond to TechCrunch’s request for comment.
Do you work at Coinbase and know more about the violation? Please contact this reporter via signal at username: zackwhittaker.1337 or email: zack.whittaker@techcrunch.com
Source link
