6,000 Coinbase Accounts Compromised in Latest Hack


This appears to be the largest breach in Coinbase security. Previously, 3500 accounts were compromised in August 2019 due to a password glitch.

A flaw in the multi-factor authentication through SMS allowed hackers to break into at least 6,000 Coinbase accounts. This unfortunate event seems to have happened between March and May of 2021.

Hackers were able to gain unauthorized access to these accounts via a security flaw in the account recovery process of Coinbase happening with SMS. However, it’s reported by Coinbase that these accounts were already compromised previously wherein their account email, password and phone number were known by the hackers. They may have got the login information from phishing attacks and social engineering techniques which most of the customers fell victim to.

Coinbase is reportedly compensating the victims of this attack. Coinbase has set up a dedicated phone line for customers affected by this attack. More information can be found in this document.