We are going to talk about two security incidents in this weekly digest. The main dish is a data breach of the largest crypto exchange company. Criminals bribed some Coinbase contractors to leak customers' information and tried to extort a ransom of $20 million. The second incident involved sensitive data being exposed due to a human error in Nigeria.
Coinbase, the largest crypto exchange in the world, has fallen victim to a data breach. The incident is a significant setback for the company, which is set to join the S&P 500 index. Malicious actors targeted Coinbase's employees and convinced them to share customer data with criminals. According to Coinbase, less than 1% of its monthly transacting users were affected by the incident. In the first quarter of 2024, Coinbase reported that it had around 8 million monthly active users. Therefore, the breach may have exposed the personal information of approximately 80,000 individuals.
Coinbase published an official statement on their website on May 15 about the incident. The company stated that criminals targeted overseas contractors and persuaded them to transfer data from customer support systems.
Firstly, the adversaries used the gathered information to carry out social engineering attacks, tricking people into handing over their cryptocurrency assets. Secondly, the criminals contacted Coinbase and demanded a ransom of $20 million to keep the matter quiet.
The exposed data included:
- Name, address, phone number, and email address
- Masked social security number
- Masked bank account information and some bank identifiers
- Driver's license and passport images
- Account data, including balance and transaction history
However, criminals didn’t access data required for direct control over compromised accounts, e.g., 2FA codes or credentials.
Coinbase rejected the demands and came up with a public statement about the incident. In contrast, the company increased investment in insider-threat detection and other security measures. Also, Coinbase established a $20 million reward for information about attackers. The company expects the total costs associated with the incident to be between $180 million and $400 million, including remediation efforts and customer reimbursements. News has already surfaced that some Coinbase customers have lost up to $2 million in funds.
Another information security incident involving an insider occurred in Nigeria. Zamfara Information Technology Development Agency (ZITDA) released a statement on the unauthorized disclosure of personal data. This incident affected applicants for the Zamfara State CBT Teachers' Recruitment Exercise.
According to ZITDA's statement, a member of the recruitment committee violated established security protocols and published a list of applicants' personal information, exposing sensitive data. The leaked information included:
- Bank Verification Numbers (BVN)
- National Identification Numbers (NIN)
- Phone numbers
- Dates of birth
This data leak is a clear violation of Nigeria's Data Protection Act. Exposed records could be used for various criminal activities such as identity theft, cyber fraud, and privacy invasion.
The ZITDA has launched an investigation to determine the exact causes of the incident. The agency intends to take measures to prevent future data breaches. Employees will receive data privacy training, and data governance processes will be strengthened.
Insider threats are a reality that cybersecurity professionals must deal with. They can come in the form of malicious intent or simple human error. In fact, 68% of data breaches in 2024 involved a human element. It's worth noting that both malicious insiders and unintentional user errors are equally common and occur in equal numbers.
Internal threats are the major challenge for security specialists. 92% of organizations find internal threats equally or more challenging to detect than external cyberattacks. For instance, 21% of threat actors in the UAE in 2023 were classified as insider threats. To address this challenge, SearchInform has developed Risk Monitor. Risk Monitor unites the classical capabilities of DLP systems with advanced forensic analysis, activity monitoring, and risk mitigation techniques.
If your company has a limited budget for security, you may be interested in our Managed Security Service. This service provides reliable protection and allows you to save money on the hiring of additional staff and expensive software licenses.
Subscribe to get helpful articles and white papers.
We discuss industry trends and give advice on how to deal with data leaks and cyber incidents.
SearchInform uses four types of cookies as described below. You can decide which categories of cookies you wish to accept to improve your experience on our website. To learn more about the cookies we use on our site, please read our Cookie Policy.
Necessary Cookies
Always active. These cookies are essential to our website working effectively.
Cookies does not collect personal information. You can disable the cookie files
record
on the Internet Settings tab in your browser.
Functional Cookies
These cookies allow SearchInform to provide enhanced functionality and personalization, such as remembering the language you choose to interact with the website.
Performance Cookies
These cookies enable SearchInform to understand what information is the most valuable to you, so we can improve our services and website.
Third-party Cookies
These cookies are created by other resources to allow our website to embed content from other websites, for example, images, ads, and text.
Please enable Functional Cookies
You have disabled the Functional Cookies.
To complete the form and get in touch with us, you need to enable Functional Cookies.
Otherwise the form cannot be sent to us.
Subscribe to our newsletter and receive a bright and useful tutorial Explaining Information Security in 4 steps!
Subscribe to our newsletter and receive case studies in comics!