Coinbase has stated that hackers managed to steal employee information during a hacking campaign in 2022.
The cryptocurrency exchange claims that it was hacked by the 0ktapus hacker group.
- According to Coinbase, the hacking campaign launched by 0ktapus is the same campaign that breached other companies such as DoorDash, Twilio, and Cloudflare.
- In order to breach the company, 0ktapus hackers sent false SMS text messages to several employees, telling them to log in urgently by clicking on a link they were sent.
- One Coinbase employee clicked the phishing link and logged in using their credentials.
- The hacker tried to gain access to Coinbase’s internal systems using the stolen credentials but was unable to do so because of Multi-Factor Authentication.
- To overcome the challenge, the hackers used vishing to direct the victim to log into their workstation. This enabled the hackers to steal employee information, including names, email addresses, and phone numbers.
- Coinbase said no customer data was accessed in this breach.
