The cryptocurrency exchange Coinbase said hackers had stolen the accounts of at least 6,000 customers.
According to Coinbase, the attack, which took place between March and May 20, 2021, exploited a vulnerability in the company’s SMS recovery process to gain access to customer accounts and transfer funds to crypto-wallets not associated with the company.
Coinbase further stated that in order to carry out such actions, attackers must have gained access to the email addresses, passwords and phone numbers of affected customers, although the company revealed that there was no evidence that such data leaks originated from the company.
Speaking on Friday on the issue, a Coinbase spokesperson noted, “we immediately fixed the flaw and have worked with these customers to regain control of their accounts and reimburse them for the funds they lost.” News of the estimated affected customers was confirmed in a notice letter sent by Coinbase to affected customers.
For more information, read the original story in Reuters.