Coinbase's Indian Vendor Got Bribed. $400M in losses and reimbursements
a year ago
- #Phishing
- #Cybersecurity
- #Data Breach
- An Indian support contractor working for Coinbase was bribed to leak sensitive user data.
- The leaked data included names, addresses, phone numbers, emails, partial SSNs, government ID images, and account histories.
- The data was used for highly convincing phishing attacks, bypassing MFA by exploiting social trust.
- Coinbase lost $400 million due to the breach, with 69,000 customers affected.
- The breach was not detected proactively; Coinbase found out after users reported suspicious activity.
- Security controls like Just-In-Time Access, session recording, scoped data views, and behavioral analytics could have prevented the breach.
- The attacker demanded $20 million from Coinbase, which refused but is now offering the same amount to catch the perpetrator.
- The incident highlights the risks of unchecked access for vendors and the need for better monitoring of internal workflows.
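
The behavioral-analytics control named in the list above can be sketched as a check that every customer-record view by a support agent is backed by a ticket. This is an added example, not Coinbase's tooling or code from the original page; the log layout, field names, ticket model, grace window and threshold are all assumptions, and the sample data is constructed.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample data; the schema is an assumption for illustration.
TICKETS = [  # (ticket_id, agent, customer_id, opened, closed)
    ("T1", "agent_a", "c100", "2025-01-06T09:00", "2025-01-06T09:30"),
    ("T2", "agent_b", "c200", "2025-01-06T10:00", "2025-01-06T10:20"),
]
VIEWS = [  # (timestamp, agent, customer_id, fields viewed)
    ("2025-01-06T09:05", "agent_a", "c100", {"name", "email"}),
    ("2025-01-06T10:05", "agent_b", "c200", {"name", "id_image"}),
    ("2025-01-06T10:06", "agent_b", "c301", {"name", "ssn_last4", "id_image"}),
    ("2025-01-06T10:07", "agent_b", "c302", {"name", "ssn_last4", "id_image"}),
    ("2025-01-06T10:08", "agent_b", "c303", {"address", "id_image"}),
    ("2025-01-06T11:00", "agent_a", "c100", {"name"}),
]
SENSITIVE = {"ssn_last4", "id_image", "address"}
GRACE = timedelta(minutes=15)  # assumed follow-up window after a ticket closes


def ts(value):
    return datetime.fromisoformat(value)


def justified(agent, customer, when):
    """True if this agent holds a ticket for this customer covering `when`."""
    return any(
        a == agent and c == customer and ts(opened) <= when <= ts(closed) + GRACE
        for _, a, c, opened, closed in TICKETS
    )


def unjustified_views():
    """Record views with no matching ticket for that agent and customer."""
    return [v for v in VIEWS if not justified(v[1], v[2], ts(v[0]))]


def flag_agents(min_customers=2):
    """Agents who viewed sensitive fields of several customers without a ticket."""
    hits = defaultdict(set)
    for _, agent, customer, fields in unjustified_views():
        if fields & SENSITIVE:
            hits[agent].add(customer)
    return {a: sorted(cs) for a, cs in hits.items() if len(cs) >= min_customers}


if __name__ == "__main__":
    for agent, customers in flag_agents().items():
        print(f"ALERT {agent}: sensitive views without a ticket for {customers}")
```

The same ticket check can gate access up front instead of alerting afterwards, which is the Just-In-Time Access variant of this control.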