Coinbase, the only publicly traded company of the top 10 crypto exchanges has had a major data breach VERIFIED. This breach has exposed the personal and financial data of at least 69,461 customers. The breach spanned multiple months and was part of a highly sophisticated scheme. The hacker was able to get access to sensitive customer data because they bribed customer support employees over the phone. Last week, Coinbase disclosed the incident. They shared further information in a public filing with Maine’s attorney general, as required by the state’s data breach notification statute.
The breach is particularly concerning given Coinbase’s prominence and expertise in cybersecurity. The firm explained that the hacker was able to exploit vulnerabilities in the customer service area. This breach allowed them to direct access customer accounts with guidance from Coinbase employees. This mode of infiltration highlights one of the greatest dangers posed by insider threats to organizations that work with sensitive information.
Coinbase’s filing with the state attorney general detailed the scope of the breach and types of information involved. Impacted customers had their personal and financial information compromised. In reaction, the company immediately scrambled to continue preventing future damage. Maine’s data breach notification ensures that companies tell the people they’ve affected right away. They are required to inform the state attorney general in the event that any breach threatens customer data security.
Coinbase has been going through a rocky period. Since then, they’ve filed suit against the U.S. Securities and Exchange Commission (SEC) to compel the agency to respond to a rulemaking petition on cryptocurrency regulation. The company has certainly been in the spotlight recently regarding their adherence (or lack thereof) to regulatory standards. This major data breach may seriously undermine its ability to restore trust and security on its platform.
Nevertheless, in the wake of such a breach, Coinbase will surely take steps to strengthen security measures and avoid a repeat of this event. The alarming breach serves as a reminder about the importance of safeguarding customer data. It brings to the forefront the need to make sure workers themselves are protected from predatory behaviors that may undermine data integrity.