Coinbase disclosed a breach involving rogue support agents stealing customer data and demanding a ransom, without exposing private keys or funds. The company plans to reinforce security measures, reimburse affected customers, and offers a reward for information to catch the attackers.
Affected: Coinbase, U.S. support systems, Coinbase customers.
Affected: Coinbase, U.S. support systems, Coinbase customers.
Keypoints
- Cybercriminals collaborated with rogue support agents to exfiltrate customer data from Coinbase.
- The stolen data includes personal identifiable information and limited account details, but not private keys or funds.
- Coinbase refused to pay the ransom and is offering a reward to help identify the attackers.
- The company estimates potential losses, including customer reimbursements, could reach up to $400 million.
- Enhanced security measures like insider threat detection and customer education are being implemented to prevent future breaches.