Express
Coinbase's Authentication Vulnerability Affects At Least 6,000 Accounts
Summary: A vulnerability that allows hackers to bypass Coinbase's multi-factor authentication (MFA) has affected at least 6,000 users of the exchange, a document filed by Coinbase to the California Attorney General's Office shows. Between March 2021 and May 20, hackers used a vulnerability in the Coinbase account recovery process to receive SMS two-factor authentication codes to ...
A vulnerability that allows hackers to bypass Coinbase's multi-factor authentication (MFA) has affected at least 6,000 users of the exchange, a document filed by Coinbase to the California Attorney General's Office shows.
Between March 2021 and May 20, hackers used a vulnerability in the Coinbase account recovery process to receive SMS two-factor authentication codes to hack into the account. Hackers can also access the electronic accounts associated with each Coinbase account. Email address, password, and phone number.
Coinbase believes that hackers have stolen this information through a phishing scheme. The company stated that it is providing compensation to customers for the stolen funds, but it is not clear whether these payments are made in fiat or cryptocurrency. The exchange recommends users switch to a more secure version of MFA, such as hardware security keys or authentication applications.
By Mary Liu
Tags: Coinbase,Hack,MFA
Link: Coinbase's Authentication Vulnerability Affects At Least 6,000 Accounts [Copy]