Thousands of Coinbase accounts hacked, did you get the breach alert?

Coinbase has confirmed that thousands of accounts have been hacked and have acknowledged a flaw in its private security system.

@JakConnorTT
Published Mon, Oct 4 2021 6:31 AM CDT

The massive cryptocurrency exchange Coinbase has confirmed that thousands of accounts have been breached.

Thousands of Coinbase accounts hacked, did you get the breach alert? 01 | TweakTown.com

Coinbase has sent out a notification letter to at least 6,000 Coinbase customers who have had funds removed from their accounts. According to the letter, which can be found in full below, "these third parties first needed prior knowledge of the email address, password, and phone number associated with your Coinbase account, as well as access to your personal email inbox" to gain access to the Coinbase accounts.

Additionally, Coinbase states that it has found no evidence that the aforementioned information was acquired from Coinbase itself. On top of that, Coinbase says that even if the third-parties that stole the cryptocurrency had all of the aforementioned information, they would still need proceed through additional authentication measures to access a Coinbase account.

However, Coinbase states, "in this incident, for customers who use SMS texts for two-factor authentication, the third party took advantage of a flaw in Coinbase's SMS Account Recovery process in order to receive an SMS two-factor authentication token and gain access to your account. Once in your account, the third party was able to transfer your funds to crypto wallets unassociated with Coinbase."

Full statement from Coinbase:

"In order to access your Coinbase account, these third parties first needed prior knowledge of the email address, password, and phone number associated with your Coinbase account, as well as access to your personal email inbox. While we are not able to determine conclusively how these third parties gained access to this information, this type of campaign typically involves phishing attacks or other social engineering techniques to trick a victim into unknowingly disclosing login credentials to a bad actor."

"We have not found any evidence that these third parties obtained this information from Coinbase itself. Even with the information described above, additional authentication is required in order to access your Coinbase account. However, in this incident, for customers who use SMS texts for two-factor authentication, the third party took advantage of a flaw in Coinbase's SMS Account Recovery process in order to receive an SMS two-factor authentication token and gain access to your account. Once in your account, the third party was able to transfer your funds to crypto wallets unassociated with Coinbase."

For more information on this story, check out this link here.

Buy at Amazon

NASA It's My Birthday Give Me Space Word Stack T-Shirt

TodayYesterday7 days ago30 days ago
$19.99$19.99-
* Prices last scanned on 10/25/2021 at 6:43 am CDT - prices may not be accurate, click links above for the latest price. We may earn an affiliate commission.
NEWS SOURCES:zdnet.com, reuters.com

Jak joined the TweakTown team in 2017 and has since reviewed 100s of new tech products and kept us informed daily on the latest science and space news. Jak's love for technology, and, more specifically, PC gaming, began at 10 years old. It was the day his dad showed him how to play Age of Empires on an old Compaq PC. Ever since that day, Jak fell in love with games and the progression of the technology industry in all its forms. Instead of typical FPS, Jak holds a very special spot in his heart for RTS games.

Newsletter Subscription

Related Tags

Newsletter Subscription
Latest News
View More News
Latest Reviews
View More Reviews
Latest Articles
View More Articles