Hackers stole cryptocurrency from at least 6,000 customers: Coinbase
Hackers stole from the accounts of at least 6,000 customers of Coinbase Global Inc, according to a breach notification letter sent by the cryptocurrency exchange to affected customers.
According to a copy of the letter posted on the website of California's Attorney General, the hack took place between March and May 20 this year.
"Unfortunately, between March and May 20, 2021, you were a victim of a third-party campaign to gain unauthorised access to the accounts of Coinbase customers and move customer funds off the Coinbase platform. At least 6,000 Coinbase customers had funds removed from their accounts, including you," stated the letter to its customers.
Unauthorised third parties exploited a flaw in the company's SMS account recovery process to gain access to the accounts, and transfer funds to crypto wallets not associated with Coinbase, the company said.
"We immediately fixed the flaw and have worked with these customers to regain control of their accounts and reimburse them for the funds they lost," a Coinbase spokesperson said on Friday.
The hackers needed to know the email addresses, passwords, and phone numbers linked to the affected Coinbase accounts, and have access to personal emails, the company said.
Coinbase said there was no evidence to suggest the information was obtained from the company.
They have set up a dedicated phone support line for customers impacted by this at 1 (844) 613-1499.
The platform has also been working closely with law enforcement to support its investigation into the
individuals behind this incident. Coinbase’s internal investigation into this incident is ongoing.