Instances of such personnel accessing data without business need were independently detected by the Company’s security monitoring in the previous months, Coinbase said, adding that all such instances were part of a single campaign leading to the theft of data in May from internal systems.
Speaking on the attack vector used, Ishpreet Singh, chief information officer at Black Duck, said, “Regarding security architecture, moving to a zero-trust network model will help them to enforce micro-segmentation. It’s important to carry out advanced security risk training, including social engineering defense training. Sensitive user data should be heavily segmented and encrypted with keys inaccessible to support agents.”
Following the discovery, Coinbase promptly terminated the individuals involved, ramped up its fraud-monitoring measures, and notified affected customers as a precaution against misuse of exposed information.
