Coinbase Admits Putting 3,500 Traders’ Crypto Funds at Risk

Coinbase Admits Putting 3,500 Traders’ Crypto Funds at Risk

A bug could have lost the users of Coinbase a lot of money, confesses the exchange itself in its latest blog post.

Coinbase Holds Its Hands Up

The Friday “post mortem” revealed that an error on Coinbase sign-up page saved customers’ information on Coinbase internal web server logs in a clear text. So a password writing which, say, looks like “123456” was appearing like “123456” to the staff at the San Francisco-based cryptocurrency firm. Ideally, it could have been hashed into non-readable text.

The bug, Coinbase admitted, affected 3,420 customers in total. Excerpts from their statement:

Under [a very specific] and rare error condition, the registration form on our signup page wouldnt load correctly, which meant that any attempt to create a new Coinbase account under those conditions would fail. Unfortunately, it also meant that the individuals name, email address, and proposed password (and state of residence, if in the US) would be sent to our internal logs.

The exchange said users who resubmitted the form had their password and other details hashed securely. Unfortunately, the 3,420 customers, as mentioned above, accidentally logged their private data onto Coinbase servers.

No Damage Reported

Coinbase behaved like a good Samaritan and fixed the issue on top priority. The firm asserted that they traced the entire line of storage to confirm that it was not holding any of customers’ personal information.

We have an internal logging system hosted in AWS, as well as a small number of log analysis service providers,” wrote Coinbase. “Access to all of these systems is tightly restricted and audited. A thorough review of access to these logging systems did not reveal any unauthorized access to this data.

The firm also triggered a password reset for affected customers. It asserted that a password alone could not have a potential hacker steal their bitcoins, explaining that they protect each account with mandatory email and 2FA authentications.

We maintain incredibly high standards for securing the Coinbase platform, and any time we fall even slightly short of those standards, we mobilize a team to figure out what went wrong, and how we prevent it from happening again. We also believe in being transparent with our customers, which is why were sharing the results of our investigation today.

Still Secure

The alert came at a time when institutional investors are taking concrete steps towards introducing bitcoin in their portfolio. Security, nevertheless, has remained one of their top concerns, given the cryptocurrency custodians’ history of letting hackers steal billions of dollars worth of assets right under their nose.

Coinbase, a US-regulated entity, has never been hacked. The exchange maintains commercial, criminal insurance an aggregate amount that is greater than the value of the digital currency it keeps in online storage.

What do you think of the Coinbase privacy bug? Add your thoughts below!

Images via Shutterstock, Twitter @morodog

The post Coinbase Admits Putting 3,500 Traders’ Crypto Funds at Risk appeared first on Bitcoinist.com.

19.08.2019 / 09:40 20
Coinbase Integrates TurboTax to Help its US Customers File Crypto Taxes Coinbase Integrates TurboTax to Help
The American tax season is an annual period between late January till around mid April. With the government shutdown temporarily suspended for three
Coinbase Custody Announces Support for Ripple’s XRP Coinbase Custody Announces Support for
As declared a month earlier [Oct 15th] by Coinbase Custody, it has officially added RippleLabs’ speedy coin XRP support for the custodian services.
SEC Reveals 164 Page Document of Coinbase Customer Complaints SEC Reveals 164 Page Document of
The SEC has revealed that it has received nearly 200 pages worth of customer complaints from Coinbase customers. Coinbase is undoubtedly one of the
Coinbase to Let Users Withdraw Funds from Bitcoin Forks Coinbase to Let Users Withdraw Funds
Cryptocurrency startup Coinbase said Thursday that, in the coming months, it will let customers withdraw funds resulting from forks of the bitcoin
Coinbase Granted UK E-Money License & Bank Account for UK, EU Markets Coinbase Granted UK E-Money License
Major cryptocurrency exchange Coinbase is making significant strides in its European expansion. San Francisco-based Coinbase has now received an
Coinbase Releases Tax Calculator But Many Users Will Likely Not Qualify Coinbase Releases Tax Calculator But
Coinbase customers can calculate their cryptocurrency tax obligations this year, provided they meet multiple requirements. US exchange and wallet
Comments (0)
Add a comment
Comment on