Quick overview

---

Coinbase revealed a hack on its cryptocurrency exchange on Thursday. This comes just three days after the company’s most significant accomplishment in popularizing the digital asset class, the addition of its shares in the S&P 500 Index, will be included in trillions of dollars’ worth of retirement plans and other investment products that follow the benchmark index.

The company claims that the Coinbase Prime service, which stores cryptocurrency for ETF issuers and provides services to other institutional investors, was unaffected; however, the hackers had almost constant access to a portion of Coinbase Global.

According to a person familiar with the incident who wished to remain anonymous while discussing business matters, it was the most valuable customer data since January.

The hackers’ plan was blatant, if not particularly impressive in terms of technology: they bought off customer service agents to steal customer information, then demanded a $20 million ransom to remove it. The company first noticed odd behavior in January.

The data breach included names, birth dates, addresses, nationalities, government-issued identification numbers, and banking information.

The hackers had successfully obtained on-demand access to Coinbase customer data over the previous five months by bribing enough customer support agents.

Coinbase Chief Security Officer Philip Martin refuted the claim of nearly continuous access, stating that the company immediately removed the agents’ access after sharing information improperly. He claimed that as a result, the hackers “did not have persistent access throughout the entire period.”.