1. Forum
  2. tqwNet
  3. TQW_GENTECH

  • Coinbase hack sees thousands of users accounts drained

    From TechnologyDaily@1337:1/100 to All on Mon Oct 4 12:15:02 2021
    Coinbase hack sees thousands of users accounts drained

    Date:
    Mon, 04 Oct 2021 11:05:25 +0000

    Description:
    Coinbase acknowledges months-long campaign may have hit thousands of users.

    FULL STORY ======================================================================

    Coinbase has sent out breach notification letters to over 6000 users admitting they might have lost funds in a months-long campaign against the cryptocurrency exchange.

    In the letter, the company said attackers took advantage of a flaw in
    Coinbase two-factor authentication ( 2FA ) mechanism to carry out several assaults between March and May 20, 2021.

    As soon as Coinbase learned of this issue, we updated our SMS Account
    Recovery protocols to prevent any further bypassing of that authentication process, notes Coinbase in the notification letter . TechRadar needs you!

    We're looking at how our readers use VPNs with streaming sites like Netflix
    so we can improve our content and offer better advice. This survey won't take more than 60 seconds of your time, and we'd hugely appreciate if you'd share your experiences with us.

    Click here to start the survey in a new window << Take a look at these
    best password managers Weve also rounded up the best security keys Here are the best business password managers

    Even as the exchange is investigating the incident, it has decided to reimburse all customers by depositing funds equal to the cryptos stolen from their accounts. Complex campaign

    Sharing more details, Coinbase said that attackers would have required
    certain information associated with the customers account, such as their
    phone numbers, and login credentials.

    The issue has been brewing for some time now. Unconfirmed reports of hackers accessing and draining the cryptocurrency wallets of Coinbase customers first surfaced in August. Then in September, the company had to reassure its users that the email they received about the change in their 2FA settings were sent erroneously .

    While the exchange has admitted that it is not able to determine conclusively how these third parties gained access to this information, if it were to
    guess itd say the details were inadvertently leaked by the customers as part of an elaborative and affective phishing campaign.

    Even with the information described above, additional authentication is required in order to access your Coinbase account. However, in this incident, for customers who use SMS texts for two-factor authentication, the third
    party took advantage of a flaw in Coinbases SMS Account Recovery process in order to receive an SMS two-factor authentication token and gain access to your account, explained Coinbase.

    In addition to reimbursing the funds, Coinbase will provide free credit monitoring service to customers, as it suggests users to use a different 2FA mechanism besides SMS-based one, and cycle the password of their Coinbase account, as well as of the associated email address. Shield yourself with these best identity theft protection services



    ======================================================================
    Link to news story: https://www.techradar.com/news/coinbase-hack-sees-thousands-of-users-accounts- drained/


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)