Coinbase has become a victim of extortion as attackers threatened to disclose confidential information about its users. CEO Brian Armstrong publicly addressed the situation.
About the extortion threat
On Thursday, May 15, Brian Armstrong, CEO of Coinbase, reported that the company received an email demanding a ransom of $20 million. He emphasized that the company has no intention of complying with the extortionists' demands. Armstrong stated that the attackers threatened to publish sensitive customer information unless the ransom was paid.
How attackers obtained customer data
According to Coinbase’s internal investigation, the attackers gained access to customer data by targeting the company’s overseas customer support representatives. Some of these representatives were bribed in exchange for confidential information. Although they did not have access to private keys or passwords, the available information, such as dates of birth and contact details, allowed attackers to conduct social engineering attacks.
Coinbase's response to the threats
Instead of paying the ransom, Armstrong announced that the company would offer $20 million for any information leading to the arrest of the attackers. Coinbase will also strengthen its security protocols. Armstrong added that the company would reimburse customers for any losses incurred due to these tactics.
The situation surrounding Coinbase highlights the importance of user data protection and the necessity of stringent security measures in the cryptocurrency industry. The company's response reflects its commitment to safeguarding its customers and ensuring their security.
