Quick Takeaways
-
Data Breach: Coinbase reported that criminals improperly accessed personal customer information, leading to threats of releasing this data unless a $20 million ransom is paid.
-
Internal Compromise: Customer service agents located outside the U.S. were bribed to provide sensitive customer data, enabling social engineering scams that target Coinbase users.
-
Financial Impact: The company anticipates remediation and reimbursement costs between $180 million to $400 million and witnessed a 6% drop in its shares following the news.
- Response Strategy: Coinbase will not pay the ransom, instead offering a $20 million reward for information leading to the attackers’ arrest, promising to prosecute offenders.
[gptA technology journalist, write a short news story divided in two subheadings, at 12th grade reading level about ‘Coinbase said cyber crooks stole customer information and demanded $20 million ransom payment’in short sentences using transition words, in an informative and explanatory tone, from the perspective of an insightful Tech News Editor, ensure clarity, consistency, and accessibility. Use concise, factual language and avoid jargon that may confuse readers. Maintain a neutral yet engaging tone to provide balanced perspectives on practicality, possible widespread adoption, and contribution to the human journey. Avoid passive voice. The article should provide relatable insights based on the following information ‘
Coinbase, the largest cryptocurrency exchange based in the U.S., said Thursday that criminals had improperly obtained personal data on the exchange’s customers for use in crypto-stealing scams and were demanding a $20 million payment not to publicly release the info.
Coinbase CEO Brian Armstrong said in a social media post that criminals had bribed some of the company’s customer service agents who live outside the U.S. to hand over personal data on customers, like names, dates of birth and partial social security numbers.
“(The stolen data) allows them to conduct social engineering attacks where they can call our customers impersonating Coinbase customer support and try to trick them into sending their funds to the attackers,” Armstrong said.
Social engineering is a popular hacking strategy, as humans tend to be the weakest link in any network. Many large companies have suffered hacks and data breaches as a result of such scams in recent years.
Coinbase did not specify how many customers had their data stolen or fell prey to social engineering scams. But the company did pledge to reimburse any who did.
Coinbase shares fell 6% in trading around midday. The shares are still up about 22% this month due to gains in bitcoin and other cryptocurrencies.
In a filing with the Securities and Exchange Commission, Coinbase estimated that it would have to spend between $180 million to $400 million “relating to remediation costs and voluntary customer reimbursements relating to this incident.”
The SEC filing said that the company had, “in previous months,” detected some of its customer service agents “accessing data without business need.” Those employees had been fired, and the company said it stepped up its fraud prevention efforts.
Coinbase said it received an email from the attackers on Sunday demanding a ransom of $20 million worth of bitcoin not to publicly release the customer data they had stolen.
Armstrong said the company was refusing to pay the ransom and would instead offer a $20 million bounty for anyone who provided information that led to the attackers’ arrest.
“For these would-be extortionists or anyone seeking to harm Coinbase customers, know that we will prosecute you and bring you to justice,” Armstrong said. “And know you have my answer.”
‘. Do not end the article by saying In Conclusion or In Summary. Do not include names or provide a placeholder of authors or source. Make Sure the subheadings are in between html tags of
[/gpt3]
Discover More Technology Insights
Dive deeper into the world of Cryptocurrency and its impact on global finance.
Access comprehensive resources on technology by visiting Wikipedia.
Cybercrime-V1
