coinbase

Criminals: Give us $20M or we doxx your customers

Brian Armstrong: Let me put a $20M bounty on your heads instead

🫳🎤

Cyber criminals bribed and recruited rogue overseas support agents to pull personal data on &lt;1% of Coinbase MTUs. No passwords, private keys, or funds were exposed. Prime accounts are untouched. We will reimburse impacted customers. More here: https://t.co/SidVn59JCV

Brian Armstrong

Criminals: Give us $20M or we doxx your customers

Brian Armstrong: Let me put a $20M bounty on your heads instead

🫳🎤

https://x.com/brian_armstrong/status/1922967787309256807

infosec

𝖒𝖆𝖓𝖉𝖆𝖙𝖚𝖒 𝖆𝖉 𝖆𝖘𝖙𝖗𝖆

imho the damage is already done. there will be more victims of wrench attacks. 

but it's not a simple matter of encrypting everything.

Aviator, diver, Etherean, nexialist, PhD in aviation ∩ climate science | Host of /diving /ethfinance /eth-staker /geopolitics /science /singapore /thomas

imho the damage is already done. there will be more victims of wrench attacks. 

but it's not a simple matter of encrypting everything.

https://warpcast.com/m-j-r.eth/0xe166fb55

the list is probably not inclusive of the overwhelming majority that hold pocket money in some newsworthy asset. probably more to do with known custodians of protocol keys. 

just hope everyone realizes that it's better to risk injury/death fighting off would-be kidnappers, than to be moved to a secondary location where mutilation and worse will occur.

I’m surprised the rogue agents were allowed to exfil entire lists. I would expect support agents to only have access to one account at a time, with some throttling in place.

Brian talked about the risk of social engineering attacks, but once physical addresses get leaked, I agree that a wrench attack is the greater risk.

Also curious to see if it’s really just 1% of the customer base (as he declared)