Cyber actors obtained customer data by bribing Coinbase personnel

Cryptocurrency firm Coinbase has disclosed an attempted extortion by cybercriminals who obtained information about certain users through bribed overseas staff.

The firm said on Thursday that it received an email communication from an unknown threat actor claiming to have obtained information about certain customer accounts.

The communication demanded a $20 million ransom in exchange for not publicly disclosing the information.

"We said no," Coinbase said in a blog post.

According to the firm, the compromised information included:

• Name, address, phone, and email
• Masked Social Security (last four digits only)
• Masked bank‑account numbers and some bank account identifiers
• Government‑ID images (e.g., driver's licence, passport)
• Account data (balance snapshots and transaction history)
• Limited corporate data (including documents, training material, and communications available to support agents)

"No passwords, private keys, or funds were exposed and Coinbase Prime accounts are untouched," the company said.

Employees bribed to get info

Coinbase disclosed in a Securities and Exchange Commission filing that the cyber actors obtained their users' information by bribing multiple contractors or employees who were working in support roles outside the United States.

These people had access to internal Coinbase systems as part of their job responsibilities.

According to Coinbase, it detected these personnel's access in...

Read Full Story: https://news.google.com/rss/articles/CBMixAFBVV95cUxQSUctcW5rZFJQNVpJVjZHWkVT...