Coinbase Exchange Scandal: Overseas Employees Accept Bribes Leading to Customer Data Breach
Coinbase exchange’s overseas employees have been implicated in accepting bribes, resulting in a customer data breach that has caused a stir in American society. Following the exposure of this incident, major media outlets in the United States have begun reporting on the situation, and experts have provided various opinions for the public, who are concerned about data leaks. There has been an increase in social engineering scams arising from such data breaches, where scammers not only steal digital assets but also utilize the acquired personal information to target the victim’s relatives and friends. Experts have proposed measures to address the Coinbase data breach, which are also applicable to other platforms. The information is compiled from the Blockworks newsletter as follows.
How to Protect Against Data Breaches
Ariel Givner, a cryptocurrency and intellectual property lawyer, stated in an article that she has received numerous messages from clients who have been informed that Coinbase has leaked their personal information. What can they do to protect themselves against data breaches? If Coinbase notifies customers that their personal data has been compromised, various countermeasures can be taken.
Victims whose identities have been stolen may be further targeted by social engineering scams, which often aim at the victim’s immediate relatives or friends.
There are online services for deleting personal information, such as DeleteMe, which can remove personal data from the internet. Individuals can also request Google to delete their personal information online. However, if personal data has already fallen into the hands of attackers, one may consider blurring their home on Google Maps’ Street View and proactively notifying their bank to freeze their credit card accounts, preventing anyone from increasing credit limits in their name. Microsoft recommends issuing alerts to major credit reporting agencies.
Attackers may attempt to penetrate the victim’s circle of friends and family through social engineering attacks. After obtaining personal data, criminals may target those close to the victim; hence, it is essential to notify friends and family to raise their awareness. Experts suggest creating a “passphrase” known only to trusted individuals. This passphrase should have no relation to personal data but can help friends and family verify the victim’s identity.
Recommendations from the U.S. Attorney’s Office
The Texas Attorney General advises Americans not to use debit cards for online shopping and instead recommend using a specific credit card for online purchases to simplify and better protect their online identity. The California Attorney General suggests using antivirus software, being cautious of unknown calls, and avoiding clicking on phishing emails.
Opt out of pre-approved credit card authorizations. Some individuals set up numerous pre-approved credit card authorizations for convenience. Experts recommend opting out of these options to prevent criminals from committing credit card fraud in your name.
Ways to Protect Digital Assets
Regularly review daily and monthly statements, and never share wallet recovery phrases and passwords with anyone, including those claiming to be customer service representatives. Write recovery phrases down on paper and store them in a secure place. Consider using encrypted password managers and employ multi-factor authentication whenever possible. Enable 2FA (Two-Factor Authentication) to ensure each account has a unique password.
Activate a withdrawal allow-list and timely delete accounts from the maintenance list. Coinbase advises customers to activate a withdrawal allow-list, allowing only familiar accounts to conduct transactions. If something feels off, delete those accounts to prevent social engineering fraud groups from expanding their reach.
The damage caused by data breaches is immense. Last year, incidents involving customer data breaches occurred with companies including AT&T, UnitedHealth’s Change Healthcare, Ticketmaster, Dell, Disney, Roku, Trello, and other government agencies and brokers. Such incidents can lead to class-action lawsuits against businesses, resulting in an average loss of $4.88 million.
Taiwan also faces a severe data breach crisis. Reports indicate that over 23 million pieces of personal data belonging to Taiwanese individuals have been publicly sold, including names, family members, birth dates, and addresses. Additionally, Mackay Memorial Hospital experienced a hacking incident earlier this year, with millions of personal data records leaked and purchased by scammers. The leakage of this private data not only poses a risk to the individuals involved but also enables scammers and criminals to utilize it for social engineering scams, targeting more victims’ friends and family, which warrants particular attention.
Risk Warning
Investing in cryptocurrencies carries significant risks, and prices can be highly volatile, potentially resulting in the loss of your entire principal. Please assess the risks carefully.