Coinbase Reveals Massive Hack of User Accounts: Over 6,000 Customers Lost Funds

Oct 2, 2021 | Bitcoin News | 0 comments


The Nasdaq-listed cryptocurrency exchange Coinbase has disclosed that at least 6,000 users were victims of a hacking campaign to gain unauthorized access to the accounts of Coinbase customers. The hackers also took advantage of a flaw in Coinbase’s SMS Account Recovery process to gain access to user accounts.

Cryptocurrencies of at Least 6,000 Coinbase Customers Stolen by Hackers

Cryptocurrency exchange Coinbase reportedly informed over 6,000 customers this week that their accounts had been compromised and funds were removed. A copy of the letter is posted on the website of California’s Attorney General. In the letter, the exchange explained:

Unfortunately, between March and May 20, 2021, you were a victim of a third-party campaign to gain unauthorized access to the accounts of Coinbase customers and move customer funds off the Coinbase platform. At least 6,000 Coinbase customers had funds removed from their accounts, including you.

In order to access a user account at Coinbase, the hackers needed to know the email addresses, passwords, and phone numbers linked to the accounts, and have access to a personal email inbox, the company said. “This type of campaign typically involves phishing attacks or other social engineering techniques to trick a victim into unknowingly disclosing login credentials to a bad actor.”

Coinbase further explained that “for customers who use SMS texts for two-factor authentication, the third party took advantage of a flaw in Coinbase’s SMS Account Recovery process in order to receive an SMS two-factor authentication token and gain access to your account.”

The exchange noted that once the hackers got into the affected user accounts, they were “able to transfer your funds to crypto wallets unassociated with Coinbase.”

The letter also noted that Coinbase updated its SMS Account Recovery protocols as soon as it learned of the issue, adding:

We will be depositing funds into your account equal to the value of the currency improperly removed from your account at the time of the incident. Some customers have already been reimbursed — we will ensure all customers affected receive the full value of what you lost. You should see this reflected in your account no later than today.

The Nasdaq-listed crypto exchange also said that it is conducting an internal investigation into this incident and the company is working closely with law enforcement to find the individuals behind this hack.

Nonetheless, Coinbase insisted, “We have not found any evidence that these third parties obtained [user] information from Coinbase itself.”

What do you think about this security breach affecting over 6,000 Coinbase users? Let us know in the comments section below.

News Source from

Related Articles

Baseball Legend Willie Mays Launches NFT Collection on Nifty Gateway

Just in time for the 117th World Series this month, the Costacos Collection announced today the upcoming release of a non-fungible token (NFT) line dedicated to Baseball Hall of Famer Willie Mays. Hosted on the NFT platform Nifty Gateway, the collection features...

Two US banks sign up for bitcoin trading platform from Q2 and NYDIG

New York’s Five Star Bank and California's UNIFY Financial Credit Union are the first U.S. institutions to offer bitcoin trading through a platform from Austin-based Q2 Holdings and New York Digital Investment Group (NYDIG).  Through the so-called Q2 Digital Banking...

Pin It on Pinterest

Share This