
Another one bites the dust as Coinbase Global suffers major data breach
Coinbase Global is the latest case in an onslaught of data breaches this year. As cyberthreats grow more complex, firms must look to prioritize data security to ensure their systems are impenetrable, and any risk is flagged immediately.
In brief:
- Coinbase Global, Inc suffered a major data breach by unknown hackers who are being investigated by the U.S. Department of Justice (DOJ) as they demanded a ransom of $20 million
- The data breach was a part of a large social engineering campaign which involved the bribery of Coinbase’s overseas customer support division for data and user information
- This hack is just one of an onslaught of cybersecurity attacks that have dominated the media this year, with targets including regulators themselves, cloud providers, government entities, and retail stores, making one thing clear: all industries require data protection
The world’s largest cryptocurrency exchange is making headlines as the latest victim in an apparent onslaught of data breaches this year. On May 16, Coinbase Global, Inc confirmed that it had suffered a data breach which will likely cost the business up to $400 million in remediation and compensation. The U.S. Department of Justice (DOJ) is investigating the case and conducting a probe into the criminal actors involved, while Coinbase has launched a $20 million bounty for any information on the hackers.
The call’s coming from inside the house
Overseas agents working in the company’s customer support division were bribed by cybercriminals to leak sensitive customer data through a social engineering campaign, which relied on human error and deceit, rather than a technological loophole. Attackers then had access to a limited set of personal information such as names, emails, masked social security numbers and bank details, and used this information to demand a ransom from Coinbase of $20 million in Bitcoin in exchange for not leaking user data.
Employment of the Coinbase agents involved in the bribery was terminated and Coinbase moved parts of its support operations to the U.S. to ensure greater oversight and control. Alongside this, Coinbase has put controls into place to prevent future breaches, such as enhanced identity verification for high-risk transactions, scam-awareness prompts during withdrawals, and intentional processing delays for flagged accounts. With consumer trust in the company flagging, and Coinbase facing a wave of lawsuits, it’s under pressure to transform its cybersecurity and employee monitoring measures and increase transparency around the breach.
What’s more, blockchain analyst ZachXBT had identified patterns in which scammers were impersonating Coinbase support to access private data and tricking users into transferring funds months before the breach happened. This early identification calls into question whether, if Coinbase had looked to resolve issues internally when made aware of them, this breach could have been avoided. Therefore, as the tale goes, firms must act on suspicious activity immediately and would benefit from integrating rigorous and robust solutions to do so: ones that flag risk or misconduct of any fashion instantly.
The DOJ is working with international law enforcement partners to discover and identify the hackers. The case comes at an interesting time, as the U.S. Senate is in the midst of advancing the GENIUS Act, a bipartisan bill which seeks to regulate payment stablecoins. The Act aims to implement a regulatory framework for fiat-backed stablecoins with provisions to limit company participation and enforce ethical standards for public officials. It is clear the U.S. government has a strong desire to ensure oversight frameworks exist to prevent data misuse.
No industry is safe
Coinbase’s hack comes amidst a wave of global cybersecurity breaches. At present, we see cybersecurity incidents across industries on a near-daily basis. From the Office of the Comptroller of the Currency (OCC) hack to the Oracle Cloud data breach, from government hacks to your favorite grocery stores, hackers are leaving no stone unturned.
It is not solely financial services, cloud and regulatory providers that must take caution in choosing the correct compliant communications provider, but government officials too. In May, cybercriminals hacked and exposed White House communications after a public photo showed former National Security Adviser for the Trump administration, Mike Waltz, using TeleMessage. Distributed Denial of Secrets, a nonprofit with a mission to archive hacked and leaked documents in the public interest, published 410 GB of hacked data, and according to a Reuters review, the stakes have now been raised as they have identified more than 60 unique government users of the messaging platform in a cache of leaked data. Following the hack, TeleMessage suspended services, once again reinforcing the need for a resilient and secure platform with enhanced protection that will store all comms in a unified repository.
Regulators, government, and large businesses are naturally appealing targets for cyberthreats and hackers. Less expected, however, is the attack on your favorite family grocery stores. The likes of Marks & Spencer (M&S) and The Co-operative Group have been hit with ransomware attacks, leaving their servers vulnerable and computer systems redundant. M&S has halted online shopping for weeks to come as hackers have stolen customer and employee data using social engineering tactics. These attacks were used against a loyal customer base and were able to exploit the many ‘digital touchpoints’ that the business provides. James Hadley, Founder of cybersecurity firm Immersive, stated that:
“According to reports, the attackers gained access through a third-party contractor, then spent more than two days inside M&S’s systems before anyone noticed. That kind of dwell time is concerning, but unfortunately, not uncommon.”
Cyber not-so-secure
Cybersecurity breaches not only cause businesses to lose millions in share price and compensation but also lead to often irreparable reputational damage. This is a clear call to action for businesses to implement a better security and supervision infrastructure. Protecting and archiving data in a way that is secure and complete is central to a prosperous business function, especially in the current landscape. Brand loyalty may stand the test of time, but will your cybersecurity?
Global Relay offers enhanced data protection, powered by artificial intelligence to ensure you can store, manage and enrich your data in one scalable store. Through powerful identity and access management features, you can be confident in knowing that potential threats and violations will be monitored and flagged.