According to a breach notification letter provided to affected clients by Coinbase Global Inc (COIN.O), hackers stole from the accounts of at least 6,000 customers of the cryptocurrency exchange.
According to a copy of the letter released on the Attorney General’s website, the hack occurred between March and May 20 of this year. Unauthorized third parties took advantage of a hole in Coinbase’s SMS account recovery process to obtain access to accounts and move assets to crypto wallets not affiliated with the company, according to the company.
“We immediately fixed the flaw and have worked with these customers to regain control of their accounts and reimburse them for the funds they lost,” a Coinbase spokesperson said on Friday.
The hackers needed access to personal emails and knowledge of the email addresses, passwords, and phone numbers associated with the compromised Coinbase accounts, according to the business. There was no evidence that the information was taken via Coinbase, according to the business. Bleeping Computer, a technology news site, first reported on the intrusion.
