Crypto Giant Coinbase Falls Victim To Cyberattack, Says Employee Login Credentials Used To Gain Remote Access

Crypto exchange Coinbase has announced that a hacker stole the login credentials of a company employee to gain remote access to its system, and as a result, obtained some contact information belonging to multiple employees but customer data and funds remained unharmed.

"Coinbase recently experienced a cybersecurity attack that targeted one of its employees. Fortunately, Coinbase's cyber controls prevented the attacker from gaining direct system access and prevented any loss of funds or compromise of customer information. Only a limited amount of data from our corporate directory was exposed," Coinbase said in a blog post.

The company stated that on Sunday (February 5), several employees' mobile phones started to alert with SMS messages indicating that they need to urgently log in via the link provided to receive an important message.

ALSO READ: Crypto Hack: DeFi Market Maker Wintermute Loses $160 Million In Breach

While the majority of employees ignored this unprompted message, one employee, believing it to be an important and legitimate message, clicked the link and entered their login information.

After "logging in", the employee was asked to disregard the message and thanked for doing so.

Further, the attacker, equipped with a legitimate Coinbase employee username and password, made repeated attempts to gain remote access to the company.

However, the attacker was unable to provide the required Multi-Factor Authentication (MFA) credentials — and was blocked from gaining access, said the company.

Moreover, the crypto exchange platform noted that, after a while, its employee's mobile phone rang, and it started having a conversation with the attacker who claimed to be from Coinbase corporate Information Technology (IT), and needed the employee's help.

ALSO READ: Maharashtra Man Loses Rs 12 Lakh In Crypto After Account Gets Breached

Believing that they were speaking to a legitimate Coinbase IT staff member, the employee logged into their workstation and began following the attacker's instructions.

"That began a back-and-forth between the attacker and an increasingly suspicious employee. As the conversation progressed, the requests got more and more suspicious," said Coinbase.

(This report has been published as part of the auto-generated syndicate wire feed. Apart from the headline, no editing has been done in the copy by ABP Live.)

Disclaimer: Crypto products and NFTs are unregulated and can be highly risky. There may be no regulatory recourse for any loss from such transactions. Cryptocurrency is not a legal tender and is subject to market risks. Readers are advised to seek expert advice and read offer document(s) along with related important literature on the subject carefully before making any kind of investment whatsoever. Cryptocurrency market predictions are speculative and any investment made shall be at the sole cost and risk of the readers.