Exchanges Binance and Kraken successfully thwarted social engineering attacks similar to those that affected Coinbase, according to Bloomberg, citing sources.
On May 15, the leading American crypto trading platform reported a data breach resulting from the bribery of overseas support staff. Coinbase claimed the leak affected no more than 1% of its clients. The attackers obtained users’ names, addresses, and email addresses, but not passwords or private keys.
According to the publication, one of the victims was Sequoia Capital’s managing partner, Roelof Botha.
Coinbase refused to pay the $20 million ransom demanded by the hackers and took steps to enhance security. The exchange estimated the costs of resolving the incident and compensating users at $180-400 million.
The company established a $20 million reward fund to aid in tracking down the perpetrators, contacted law enforcement, and handed over employees who leaked information to investigators.
Sources told Bloomberg that Binance and Kraken faced similar attacks, but their internal policies and technologies enabled them to repel the attempts.
Binance’s AI-based systems detected attempts to bribe support specialists, sources clarified.
According to them, security staff from several exchanges received information in December 2024 about hackers targeting major Coinbase clients, and at least one competitor sent the platform several warnings about this.
Back in March, users of the exchange reported phishing emails. The attackers, posing as Coinbase, offered to transfer assets to new wallets using pre-generated seed phrases.
In May, on-chain sleuth ZachXBT reported that within a week, attackers had stolen $45 million from platform users using social engineering techniques.