Coinbase on Thursday reported that cybercriminals bribed overseas support agents to steal customer data to use in social engineering attacks. The incident may cost Coinbase up to $400 million to fix, the company estimated.
The crypto exchange operator received an email on May 11 from someone claiming they obtained information about certain Coinbase customer accounts as well as other internal Coinbase documentation, including materials relating to customer service and account management systems, Coinbase reported in a Securities and Exchange Commission filing.
Although passwords and private keys were not compromised, affected data included sensitive data such as names, addresses, phone numbers and emails; masked bank account numbers and identifiers as well as the last four digits of Social Security numbers; government ID images
CEO: