Security News > 2023 > February > Coinbase cyberattack targeted employees with fake SMS alert
Coinbase cryptocurrency exchange platform has disclosed that an unknown threat actor stole the login credentials of one of its employees in an attempt to gain remote access to the company's systems.
As a result of the intrusion the attacker obtained some contact information belonging to multiple Coinbase employees, the company said, adding that customer funds and data remained unaffected.
Coinbase has shared the findings of their investigation to help other companies identify the threat actor's tactics, techniques, and procedure and set up appropriate defenses.
The attacker targeted several Coinbase engineers on Sunday, February 5 with SMS alerts urging them to log into their company accounts to read an important message.
"Fortunately no funds were taken and no customer information was accessed or viewed, but some limited contact information for our employees was taken, specifically employee names, e-mail addresses, and some phone numbers" - Coinbase.
Employees of companies that manage digital assets and have a strong online presence are bound to be targeted by social engineering actors at some point.