reported that “Coinbase on Friday revealed that the hacking campaign against the company began on Feb. 5 when its employees received SMS messages requesting that they urgently log into their official email accounts to receive an important message.”  The February 21, 2023 article entitled “Crypto Exchange Coinbase Details SMS Phishing Attacks” ( included these comments:

Although the majority of the workforce ignored the messages, the company says an unidentified employee clicked on the malicious link and entered his or her email ID and password on a fake login page. When the hackers gained the user’s credentials, they attempted to get remote access to the Coinbase network, but due to two-factor authentication controls, they couldn’t gain further access, the company says.

The hackers then directly contacted an employee, according to Coinbase, and claimed to be a Coinbase corporate IT staff member seeking help. But the Coinbase employee became suspicious, and when the SIEM alerted the incident response team to unusual behavior, the team notified the employee, who terminated all communication with the attackers, Coinbase says.

Although the company says it was able to prevent the attack quickly, it acknowledged the incident did cause limited leaks of employee data such as user names and contact details.

This is alarming to say the least! What do you think?

First published at