Hackers Exploit MFA Flaw to Steal From 6,000 Coinbase Customers

In Brief
  • Coinbase has informed more than 6,000 customers that they have been victimized by a hack.

  • The hackers utilized a flaw in the SMS account recovery process that gave them access to personal information and wallets.

  • The exchange says that all customers affected will have the stolen assets refunded to them automatically.


The giant cryptocurrency exchange informed some customers that they had been victimized by a hack. 



Coinbase has sent thousands of emails to customers informing them of an attack that took place between March and May 2021. The exploit targeted a flaw in the exchange’s two-factor authentication system and saw a significant number of customers affected. 

The email says that “At least 6,000 Coinbase customers had funds removed from their accounts, including you. In order to access your Coinbase account, these third parties first needed prior knowledge of the email address, password, and phone number associated with your Coinbase account, as well as access to your personal email inbox.”



Coinbase plugging holes and investigating the hack

Coinbase admits that it has yet to determine exactly how these third parties managed to gain access to users’ personal information. However, “this type of campaign typically involves phishing attacks or other social engineering techniques to trick a victim into unknowingly disclosing login credentials to a bad actor,” says the letter. Coinbase adds that it has found no evidence that the bad actors obtained any personal information from within the Coinbase platform. The letter elaborates on how the authentication works, saying that even with all of the aforementioned personal information, additional authentication would be required to access Coinbase accounts.

The exchange concluded that customers who use SMS text messages to manage two-factor authentication were targeted specifically. The attackers used a flaw in the SMS account recovery process to be sent a recovery token and take control of user accounts. The email goes on to state, “Once in your account, the third party was able to transfer your funds to crypto wallets unassociated with Coinbase.” Coinbase claims that the issue has since been rectified and the SMS account recovery system will no longer bypass other authentication processes. Happily, for the victims of the theft, Coinbase will be depositing funds into their accounts equal to the amount stolen by the bad actors. 

According to the news, the third-party thieves were able to access customers’ personal email, phone numbers, full names, home addresses, and dates of birth. The exchange adds that its team has been working with law enforcement to help investigate the individuals involved in the cybercrime.




Matthew De Saro is a journalist and media personality specializing in sports, gambling, and statistics. Before joining BeInCrypto, his work was featured on Fansided, Forbes, and OutKick. With a background in statistical analysis and a love of writing, he takes an outside-the-box approach to reporting news.
