
Hackers Exploit MFA Flaw to Steal From 6,000 Coinbase Customers

Updated by Ryan James

In Brief

  • Coinbase has informed more than 6,000 customers that they have been victimized by a hack.
  • The hackers utilized a flaw in the SMS account recovery process that gave them access to personal information and wallets.
  • The exchange says that all customers affected will have the stolen assets refunded to them automatically.

The giant cryptocurrency exchange informed some customers that they had been victimized by a hack. 

Coinbase has sent thousands of emails to customers informing them of an attack that took place between March and May 2021. The exploit targeted a flaw in the exchange’s two-factor authentication system and saw a significant number of customers affected. 

The email says that “At least 6,000 Coinbase customers had funds removed from their accounts, including you. In order to access your Coinbase account, these third parties first needed prior knowledge of the email address, password, and phone number associated with your Coinbase account, as well as access to your personal email inbox.”

Coinbase plugging holes and investigating the hack

Coinbase admits that it has yet to determine exactly how these third parties managed to gain access to users’ personal information. However, “this type of campaign typically involves phishing attacks or other social engineering techniques to trick a victim into unknowingly disclosing login credentials to a bad actor,” says the letter. Coinbase adds that it has found no evidence that the bad actors obtained any personal information from within the Coinbase platform. The letter elaborates on how the authentication works, saying that even with all of the aforementioned personal information, additional authentication would be required to access Coinbase accounts.

The exchange concluded that customers who use SMS text messages to manage two-factor authentication were targeted specifically. The attackers used a flaw in the SMS account recovery process to be sent a recovery token and take control of user accounts. The email goes on to state, “Once in your account, the third party was able to transfer your funds to crypto wallets unassociated with Coinbase.” Coinbase claims that the issue has since been rectified and the SMS account recovery system will no longer bypass other authentication processes. Happily, for the victims of the theft, Coinbase will be depositing funds into their accounts equal to the amount stolen by the bad actors. 

According to the news, the third-party thieves were able to access personal email, phone numbers, full name, home address, and date of birth. The exchange adds that its team has been working with law enforcement to help investigate the individuals involved in the cybercrime.




Matthew De Saro