←back to thread

Coinbase says hackers bribed staff to steal customer data, demanding $20M ransom

(www.cnbc.com)
410 points gpi | 1 comments | 15 May 25 15:52 UTC | HN request time: 0.206s | source
Show context
neilv ◴[15 May 25 16:07 UTC] No.43996445[source]
The article keeps saying overseas employees or contractors, but isn't more specific on who Coinbase entrusted with this sensitive customer PII.

The bottom line is Coinbase didn't adequately secure sensitive customer information, and it was leaked.

Not, "Gosh, 'overseas' people, what can ya do?"

replies(12): >>43996466 #>>43996524 #>>43996557 #>>43996649 #>>43996661 #>>43996746 #>>43997312 #>>43997316 #>>43997530 #>>43997817 #>>43997825 #>>43998830 #
kragen ◴[15 May 25 16:19 UTC] No.43996557[source]
It's probably hard to keep call-center workers bribe-proof.
replies(9): >>43996618 #>>43996626 #>>43996651 #>>43996654 #>>43996807 #>>43997178 #>>43997271 #>>43997359 #>>43997458 #
bombcar ◴[15 May 25 16:26 UTC] No.43996626[source]
Call center workers who have access PII and financial abilities should probably be vetted a little bit better.
replies(1): >>43996653 #
kragen ◴[15 May 25 16:28 UTC] No.43996653[source]
How are you going to vet people to find out if they're vulnerable to bribery? Offer them a bribe during their probationary period, during which they only have access to fake customer data?
replies(1): >>43996686 #
bombcar ◴[15 May 25 16:31 UTC] No.43996686[source]
You can do a background check, but the reality of the matter is that you pay citizens a living wage to do the work instead of offshore it into a country that pays pennies.

Bank tellers can take thousands out of the vault at any time and yet it seems it’s not a very big issue.

replies(4): >>43996716 #>>43997036 #>>43997321 #>>44003857 #
1. mlrtime ◴[16 May 25 10:57 UTC] No.44003857[source]
Loss prevention is a big deal for employees, not just customers. People steal stuff from their employers ALL the time.