Hackers Rob Thousands Coinbase Customers SMS MFA Flaw


Coinbase, a major U.S.-based bitcoin and cryptocurrency exchange, disclosed today that a hacker was able to bypass the company’s SMS multi-factor authentication mechanism and steal funds from 6,000 users, Bleeping Computer reported.

The breach of Coinbase customers’ accounts happened between March and May 20, 2021, in a hacking campaign that combined phishing scams and a vulnerability exploit on the company’s security measures.

The U.S.-based exchange, which has approximately 68 million users from more than 100 countries, reportedly said that in order to conduct the attack, the hackers needed to know the user’s email address, password, and phone number, as well as have access to their email accounts. It is not clear how the hackers gained access to that information.

Leave A Reply

Your email address will not be published.