Twitter thread shows Coinbase's servers may be compromised

crypto news hacker writing a code on his laptop blurry background dark neon color cyberpunk

A Coinbase user recently shared a Coinbase-related scam story indicating that the exchange’s servers might be compromised.

Jacob Canfield, a YouTube host and bitcoin enthusiast, claimed he received a text message about a changed two-factor authentication (2FA) setting on their Coinbase account. Shortly after, he got three phone calls from an individual claiming to be a Coinbase customer support representative. The calls originated from a San Francisco number, adding to the illusion of legitimacy.

Holy shit.

I just got attacked with one of the most complex scams in #crypto that I have seen to date.

Please read if you use @coinbase.

This just happened 15 minutes ago.

THIS IS A WARNING FOR ALL COINBASE USERS!

There has been some sort of a data breach.

First, I… pic.twitter.com/aOVWLpAtY4

— Jacob Canfield (@JacobCanfield) June 13, 2023

During the calls, the impersonator asked whether Canfield was traveling outside the US and whether he had requested changes to the email or 2FA settings. Although the trader denied travel plans and insisted he hadn’t initiated any changes, the scammer insisted on revealing the verification code.

The scammer also intended to redirect Canfield to a “security team” to verify the account and prevent suspension. The scammer possessed the user’s name, email address, and location to establish credibility. They even sent a fraudulent email from [email protected] to the user’s email containing a seemingly legitimate verification code.

Canfield immediately changed his Coinbase account password and 2FA settings. However, the scammer insisted those actions would not suffice for verification and threatened to lock the account for seven days unless the user provided the verification code. When Canfield refused, the scammer abruptly ended the call.

The incident raised concerns about a potential attack on Coinbase’s servers. In the replies, users shared similar stories involving the impersonators who claimed to be from the exchange’s support.

Was targeted by the same / very similar scam.

Received a phone call from “Coinbase Support”, and at the same time I received this email.

Told the caller just to lock my account, and he got aggressive. I immediately logged in and locked my account. No reason for me really to… pic.twitter.com/yyjNT9YgYw

— 6457.eth (@JKrantz) June 14, 2023

Moreover, another user reported a similar case on ChainAbuse in November 2022. According to the post, the amount lost was over 13 BTC (around $360,000).

In Canfield’s case, the hackers not only had his data, which would mean a data breach. They were also able to spoof the email as if it were from @coinbase.com which looks like an alleged hack. The domain and some less critical servers could probably be compromised.

Crypto.news has requested an official comment from Coinbase regarding the matter.