←back to thread

Coinbase says hackers bribed staff to steal customer data, demanding $20M ransom

(www.cnbc.com)
410 points gpi | 1 comments | 15 May 25 15:52 UTC | HN request time: 0.277s | source
Show context
skybrian ◴[15 May 25 18:07 UTC] No.43997650[source]
Blog post is here:

https://www.coinbase.com/blog/protecting-our-customers-stand...

> We will reimburse customers who were tricked into sending funds to the attacker due to social engineering attacks. If your data was accessed, you have already received an email from no-reply@info.coinbase.com; all notifications went out at 7:20 a.m. ET on 5/15 to affected customers.

replies(3): >>43997943 #>>43998011 #>>44003991 #
PeeMcGee ◴[15 May 25 18:43 UTC] No.43998011[source]
> No passwords, private keys, or funds were exposed and Coinbase Prime accounts are untouched.

I'm curious why no Coinbase Prime accounts were part of the leak (assuming that's what they mean). Is there some sort of additional layer of data protection behind the Coinbase Prime paywall? Or perhaps those accounts were intentionally avoided as they would presumably belong to more savvy users.

replies(1): >>43998038 #
1. czk ◴[15 May 25 18:46 UTC] No.43998038[source]
Coinbase Prime is its own exchange with its own support (actual humans in the USA that are available to chat to). It's for "institutional investors" so unavailable to most customers without the proper credentials/paperwork. They don't share the same outsourced "support" as the regular exchange, which appears to be the attack vector here.