At least 6,000 Coinbase Global Inc clients’ accounts were hacked, according to a breach notification letter given to impacted customers by the cryptocurrency exchange.
According to a copy of the letter released on the Attorney General’s website, the hack occurred between March and May 20 of this year.
Unauthorized third parties took advantage of a weakness in Coinbase’s SMS account recovery procedure to obtain access to accounts and move cash to crypto wallets not affiliated with the firm, according to the company.
On Friday, a Coinbase representative stated, “We promptly rectified the problem and worked with these clients to recover control of their accounts and compensate them for the cash they lost.”
The hackers needed access to personal emails and knowledge of the email addresses, passwords, and phone numbers associated with the impacted Coinbase accounts, according to the firm.
There was no proof that the information was received via Coinbase, according to the firm.
Bleeping Computer, a technology news site, first reported on the attack.