Coinbase, a leading crypto exchange, has revealed it recently experienced a cyber security attack that targeted one of its employees.
Coinbase, which is claiming that it is the most trusted cryptocurrency platform, said that a hacker stole the login credentials of a company employee to gain remote access to its system, and obtained contact information belonging to multiple employees.
“Fortunately, Coinbase’s cyber controls prevented the attacker from gaining direct system access and prevented any loss of funds or compromise of customer information. Only a limited amount of data from our corporate directory was exposed,” Coinbase said in a blog post.
The company stated that on Sunday (February 5), several employees’ mobile phones started to alert with SMS messages indicating that they need to urgently log in via the link provided to receive an important message.
While the majority of employees ignored this unprompted message, one employee, believing it to be an important and legitimate message, clicked the link and entered their login information.
After logging in, the employee was asked to disregard the message and thanked for doing so.
The attacker equipped with a legitimate Coinbase employee username and password made repeated attempts to gain remote access to the company.
The attacker was unable to provide the required Multi-Factor Authentication (MFA) credentials — and was blocked from gaining access.
The crypto exchange platform noted that, after a while, its employee’s mobile phone rang, and it started a conversation with the attacker who claimed to be from Coinbase corporate Information Technology (IT), and needed the employee’s help.
Coinbase said its employee logged into their workstation and began following the attacker’s instructions believing that they were speaking to a legitimate Coinbase IT staff member.