Coinbase, the largest American crypto exchange on trading volume metrics, is faced with an intense reaction after Thursday reports indicated that an employee has disclosed sensitive customer data.
Users have taken up arms after the reports suggest that the risk was known for months before the company disclosed the incident.
Users were indignant as data leak occurred for months before disclosure
The initiate violation, which would have affected “less than 1%” of the monthly active users of Coinbase, aroused a generalized indicator in the cryptographic community. Users say they are targeted in sophisticated phishing and identity scams.
Among them, Qwqiao, an alleged targeted victim who recounts the frightening precision of the scam. Qwqiao, who works in customer support at Alliance Dao, said that he had almost been a victim but exceeded the bad players.
“… I called them at the end of the call telling them that they had to intensify their game because this scam is delayed. They told me that they had won $ 7 million that day,” he said.
Adam Cochran, a renowned X figure (Twitter), condemned Coinbase failure to protect data such as government identifiers and physical addresses. He says that this deficit presents risks that far exceed financial loss.
“Coinbase disclosure is concentrated here on stolen funds, but it is not relevant … No element of the KYC / AML policy requires that this type of thing is accessible to your customer support agents. I don’t want to hear about what Coinbase does to recover the funds-I want to hear what they are doing to better process private data, “he said.
The indignation comes in the midst of allegations according to which the violation occurred in January. Users and analysts say that the supposed silence of Coinbase has left vulnerable users for months.
“Coinbase knew that they have been stolen their user data since January, but have not said anything so far? We have had endless reports on the users of Coinbase drained by imitators. We now know why,” a renowned analyst wrote.
According to Duo Nine, The supposed removal of Coinbase even puts institutional assets at a concentrated risk. Coinbase plays a dominant role in the crypto spot andf (Stock market negotiated funds) Market. More specifically, it provides childcare services for eight from 11 ETF Bitcoin and eight of the nine Ethereum.
Coinbase Exchange also offers market execution and monitoring services. In particular, this is not the first time that his domination in guard has aroused concerns about his position as a single potential point of failure.
“This does not increase well that almost all the emitters of Crypto ETF have the same goalkeeper for all their BTC and ETH.
Coinbase did not immediately respond to the request for Beincrypto comments.
The risks of the leak are unpredictable and dangerous
Meanwhile, concerns arise that this violation is particularly disturbing because Coinbase was not hacked. Instead, he was betrayed from the inside. A support employee has accessed and sold customer data on the black market.
For some, this presents itself as a blatant failure of internal controls. Bob Loukas, a position merchant, spoke clearly, calling for the exchange for an appropriate lack of disclosure.
“You know that you are sitting on the most sought after data, and you have allowed support agents to access it in bulk. It is unacceptable,” said Loukas.
The implications go beyond the financial flight, with the founder of Rotki, Lefteris Karapetsas, warning that the centralization of real identity data alongside the cryptography sales is a “disaster that awaits to occur”.
“Coinbase has just proven why centralized data honey jars are a disaster waiting.
Rotki is a portfolio tracking application, with Karapetsas, a data protection expert, referring to a recent attempt to kidnap the family of a Paris crypto chief. Ariel Givner, a business lawyer specializing in fintech, confirmed fears of the real world.
“I had five people contact me today. They are afraid for their safety and their family. It may get worse, ”she wrote.
Intelligence experts say that the incident can be part of a greater sale on the dark web. According to cybersecurity sources, a threat actor recently offered a trove of $ 18 million from American crypto platforms.
Among them, more than 432,000 Coinbase user records for $ 10,000, with names, emails, telephone numbers, addresses, etc.
Coinbase has not yet addressed the indignation of users, but it offers a reward fund of $ 20 million for information leading to the arrest and the conviction of bad actors. The exchange said they had contacted all the victims affected.
“If your data was accessible, you have already received an email from [email protected]; All notifications were published at 7:20 am to affected customers, ”said Coinbase Support on X
Non-liability clause
In membership of the Trust project guidelines, Beincrypto has embarked on transparent impartial reports. This press article aims to provide precise and timely information. However, readers are invited to check the facts independently and consult a professional before making decisions according to this content. Please note that our terms and conditions, our privacy policy and our non-responsibility clauses have been updated.
