At least 6,000 Coinbase Global Inc users’ accounts were hacked, according to a breach notification letter given to impacted customers by the cryptocurrency exchange. According to a copy of the letter released on the Attorney General’s website, the hack occurred between March and May 20 of this year.
Unauthorized third parties took advantage of a weakness in Coinbase’s SMS account recovery procedure to obtain access to accounts and move cash to crypto wallets not affiliated with the company, according to Coinbase.
On Friday, a Coinbase representative stated, “We immediately fixed the flaw and have worked with these customers to regain control of their accounts and reimburse them for the funds they lost.”
According to the company, the hackers needed access to personal emails and knowledge of the email addresses, passwords, and phone numbers associated with the impacted Coinbase accounts.
There was no proof that the information was received via Coinbase, according to the company.
Bleeping Computer, a technology news site, first reported on the hack.