(www.cnbc.com)

410 points gpi | 2 comments | 15 May 25 15:52 UTC | HN request time: 0.426s | source

Show context

neilv ◴[15 May 25 16:07 UTC] No.43996445[source]▶

The article keeps saying overseas employees or contractors, but isn't more specific on who Coinbase entrusted with this sensitive customer PII.

The bottom line is Coinbase didn't adequately secure sensitive customer information, and it was leaked.

Not, "Gosh, 'overseas' people, what can ya do?"

replies(12): >>43996466 #>>43996524 #>>43996557 #>>43996649 #>>43996661 #>>43996746 #>>43997312 #>>43997316 #>>43997530 #>>43997817 #>>43997825 #>>43998830 #

kragen ◴[15 May 25 16:19 UTC] No.43996557[source]▶

>>43996445 #

It's probably hard to keep call-center workers bribe-proof.

replies(9): >>43996618 #>>43996626 #>>43996651 #>>43996654 #>>43996807 #>>43997178 #>>43997271 #>>43997359 #>>43997458 #

toast0 ◴[15 May 25 17:35 UTC] No.43997359[source]▶

>>43996557 #

You can take the Google approach of basically not empowering the agents at all. It's not worth trying to social engineer Google CS, because they can't do anything anyway.

replies(1): >>43997516 #

1. miohtama ◴[15 May 25 17:52 UTC] No.43997516[source]▶

>>43997359 #

Coinbase has the same approach. It's a miracle that ransomware operators got in touch with Coinbase support at all.

replies(1): >>43999915 #

2. robotnikman ◴[15 May 25 22:17 UTC] No.43999915[source]▶

>>43997516 (TP) #

It would be pretty simple actually

>Go on LinkedIn

>Look up profiles of people who work at Coinbase

>Contact and bribe them with a burner account

↑

Coinbase says hackers bribed staff to steal customer data, demanding $20M ransom