Coinbase publicly acknowledges that 3,420 user information is threatened by registration vulnerability

According to foreign media, Coinbase Exchange acknowledged in its latest blog post that a vulnerability in their system could cost Coinbase users a lot of money.

Security-265130_1280

Image source:

Coinbase admitted

Last Friday's "post-event survey" showed that an error on the Coinbase registration page saved the client's information on the Coinbase internal web server log in clear text. Therefore, for the staff of the San Francisco-based cryptocurrency company, if the password is "123456", then they see "123456". Ideally, they should have been hashed into unreadable text.

Coinbase acknowledged that the vulnerability affected a total of 3,420 customers. The following are excerpts from their speeches:

"In the case of [very special] and rare errors, the registration form on the registration page does not load properly, which means that any attempt to create a new Coinbase account under these conditions will fail. Unfortunately, this also means The personal name, email address and suggested password (and residency status, if in the US) will be sent to our internal log."

The exchange said that the password and other details of the user who resubmitted the form were securely encrypted. Unfortunately, the 3,420 customers mentioned above accidentally logged their private data to the Coinbase server.

Coinbase discovered a password vulnerability: Coinbase, one of the largest exchanges in the cryptocurrency industry, discovered a vulnerability that could affect 3,420 users. According to a blog post by Coinbase, the registration page finally stores the user account registration information. – August 18, 2019, Nacho Sanzu© (@morodog

No user funds damaged report

Coinbase behaves like a good old man, putting this issue at the top of the list. The company claims that they tracked the entire storage line to confirm that no personal information was stored for any customers.

Coinbase wrote:

“We hosted an internal logging system in AWS, as well as a small number of log analytics service providers. Access to all of these systems was severely restricted and audited. We thoroughly checked access to these logging systems and found no Any unauthorized access to these data."

The company also reset passwords for affected customers. The company claims that passwords alone prevent potential hackers from stealing their bitcoins and explain that they protect each account with mandatory email and 2FA certification.

“We keep a very high standard to ensure the safety of the Coinbase platform. When we are slightly below these standards, we will mobilize a team to find out where the problem is and how to prevent it from happening again. We also believe in us. Our customers remain transparent, which is why we share our findings today."

Coinbase is still safe

At the time Coinbase issued this warning, institutional investors are taking concrete steps to include Bitcoin in their portfolio. However, considering that cryptocurrency allows hackers to steal billions of dollars worth of assets under their eyes, security is still one of their biggest concerns.

Coinbase has never been reported to have been hacked. The exchange has commercial and criminal insurance – the total amount exceeds the value of the digital currency it stores online.

We will continue to update Blocking; if you have any questions or suggestions, please contact us!

Share:

Was this article helpful?

93 out of 132 found this helpful

Discover more

Blockchain

UK Finance Minister: FCA has the final decision on whether to implement the ban on crypto derivatives

According to Cointelegraph's October 22 report, the UK government recently stressed that it is up to the regulat...

Blockchain

How terrible is the IEO? 62% of 87 projects broke, with a maximum loss of 99%

87 IEO projects, raising more than 2 billion, 62% broken "Bitcoin is about to plummet to $5,000." "Cry...

Blockchain

Sun Yuchen used capital hegemony to control Steem, causing controversy, the integrity of stolen users' voting rights was questioned

Recently, in order to prevent capital power on the chain, Steem witness nodes jointly launched a soft fork. God V des...

Blockchain

HKEx will start blockchain bidding

As one of the world's major exchanges, the HKEx is actively embracing the new wave of technology. “Every ...

Blockchain

Hardcore: Declassified U.S. Department of Justice sues Chinese OTC acceptor for money laundering

Source: PeckSheild On March 02, 2020, the U.S. Department of Justice initiated indictments against two Chinese people...

Blockchain

The new pattern of staking: exchanges enter the market to explore the boundary, the pledge amount of service providers is not proportional to the income provided

Analyst | Carol Editor | Bi Tongtong | PANews At this time last year, Staking was all the rage, and many players &quo...