I think the truism that “Getting hacked in the new normal,” is getting etched in stone with every single passing day. It also seems to give way to the new thinking that everyone will be hacked. The issue has been commented on for a long time now is we don’t know when; it is impending nonetheless. And now it's Coinbase. Everytime one feels that it cannot get crazier, but we are beaten in a short span of time, about what we thought could be the worst. Coinbase founded in 2012 by Brain Armstrong and Fred Ehrsam, is a well known public traded cryptocurrency exchange.
Listed in NASDAQ under the ticker COIN since April 2021 is one of the most widely used platforms for buying, selling and storing cryptocurrencies like Bitcoin and Ethereum. Coinbase said that it suffered a data breach; the data lost includes customers’ names, physical and email addresses, government ids like driver’s licences and passports, last four digits of Social Security numbers, and other financial information. What has been the hackers goal? It was to collect customer data to then contact those Coinbase users, impersonate Coinbase and then giving away their cryptocurrency.
How did it happen? It was recently infiltrated by “criminals” who used cash rewards to get Coinbase customer support agents outside of the US to send them customer data. Simply put, the scammers bribed the company insiders to steal sensitive data. “Now, unfortunately, they were able to find a few bad apples,” the CEO said. It is said that the hack may well cost the company in the tune of $400 million. The scammers are holding the data to ransom. They tried to “extort” coinbase by demanding $20 million for covering up the situation. Armstrong turning down the offer has been seen as a welcome beginning in such cases.
The exchange said that the breach has affected less than 1% of users with their sensitive information getting exposed. What is the road ahead? One is to make the impact of this breach more bearable and second is to make the system much more secure. On the first count the incident could cost anything between $180 to $400 million as per the preliminary estimates of remediation costs, customer reimbursements, and other related expenses. While the company is sorry for the worry and inconvenience to the customers impacted, they would keep owning issues as and when they arise and have decided to keep investing in world class defences.
THE BATTLE AGAINST HACKS CAN START ONLY WHEN THE VICTIMS REFUSE TO PAY AND TAKE THE BATTLE HEAD ON.