Coinbase Refuses $20M Extortion Demand After Data Leak
The post Coinbase Refuses $20M Extortion Demand After Data Leak appeared on BitcoinEthereumNews.com. Coinbase rejects $20M ransom after social engineering breach affects under 1% users. Stolen data includes IDs and contacts; private keys and accounts remain secure. Coinbase boosts security, offers $20M reward, and cooperates with global law enforcement. Coinbase has revealed that a recent security breach involving a small portion of its user base was the result of a targeted social engineering attack. The company said that overseas customer representatives were offered bribes by criminals trying to reach customer data. Because of the incident, Coinbase launched an investigation and refused to give in to a $20 million ransom demanded by the attackers, as it only affected fewer than 1% of users every month. Stolen Data Includes IDs, Contacts—Private Keys Remain Secure To be transparent, Coinbase said that while the attackers took some customer data, no sensitive data was affected and user accounts were fully secure. The stolen information involved names, addresses, phone numbers, and email addresses. It also includes some restricted financial data, such as disguised Social Security numbers and bank account information. Hackers also stole some documents and training files. Moreover, they accessed records containing ID images and past transactions. They could not get login secrets, private keys, or two-factor verification codes, nor were they able to get into or send funds through Coinbase or its customers’ accounts. Coinbase chose not to pay the requested ransom and decided to face the attack from the beginning. Coinbase said that it would repay users who lost money due to the social engineering tactic. To protect against similar situations, Coinbase has added several additional security systems. They include making it harder to transfer a lot of funds, setting up a support center in the U.S. with improved supervision, and expanding ways to detect and block suspicious actions. Coinbase decided not to pay the ransom…
The post Coinbase Refuses $20M Extortion Demand After Data Leak appeared on BitcoinEthereumNews.com.
Coinbase rejects $20M ransom after social engineering breach affects under 1% users. Stolen data includes IDs and contacts; private keys and accounts remain secure. Coinbase boosts security, offers $20M reward, and cooperates with global law enforcement. Coinbase has revealed that a recent security breach involving a small portion of its user base was the result of a targeted social engineering attack. The company said that overseas customer representatives were offered bribes by criminals trying to reach customer data. Because of the incident, Coinbase launched an investigation and refused to give in to a $20 million ransom demanded by the attackers, as it only affected fewer than 1% of users every month. Stolen Data Includes IDs, Contacts—Private Keys Remain Secure To be transparent, Coinbase said that while the attackers took some customer data, no sensitive data was affected and user accounts were fully secure. The stolen information involved names, addresses, phone numbers, and email addresses. It also includes some restricted financial data, such as disguised Social Security numbers and bank account information. Hackers also stole some documents and training files. Moreover, they accessed records containing ID images and past transactions. They could not get login secrets, private keys, or two-factor verification codes, nor were they able to get into or send funds through Coinbase or its customers’ accounts. Coinbase chose not to pay the requested ransom and decided to face the attack from the beginning. Coinbase said that it would repay users who lost money due to the social engineering tactic. To protect against similar situations, Coinbase has added several additional security systems. They include making it harder to transfer a lot of funds, setting up a support center in the U.S. with improved supervision, and expanding ways to detect and block suspicious actions. Coinbase decided not to pay the ransom…
What's Your Reaction?
