Popular cryptocurrency exchange platform Coinbase disclosed that it experienced a cybersecurity attack that targeted its employees.
The company said its “cyber controls prevented the attacker from gaining direct system access and prevented any loss of funds or compromise of customer information.”
The incident, which took place on February 5, 2023, resulted in the exposure of a “limited amount of data” from its directory, including employee names, e-mail addresses, and some phone numbers.
As part of the attack, several employees were targeted in an SMS phishing campaign urging them to sign in to their company accounts to read an important message.
One employee is said to have fallen for the scam, who entered their username and password in a fake login page set up by the threat actors to harvest the credentials.
“After ‘logging in,’ the employee is prompted to disregard the message and thanked for complying,” the company said. “What happened next was that the attacker […] made repeated attempts to gain remote access to Coinbase.”
images from Hacker News