Coinsquare Hackers Plan SIM-Swapping Attacks After Obtaining Exchange’s User Data

News
Tue, 06/02/2020 - 19:53
Alex Dovbnya
Coinsquare says that its former employee was responsible for leaking its clients’ information, but there are some ‘additional addresses’
Cover image via stock.adobe.com
Contents

 

According to a report published by Motherboard, hackers who stole user data from Coinsquare, a Canadian cryptocurrency exchange, now want to use it for conducting SIM-swapping attacks. 

Coinsquare claims that its ex-employee was responsible for the data theft that came to light last year, but it now appears that the bad actors have some usernames that they weren’t aware of:  

Since we were made aware of this issue last year, Coinsquare has replaced internal sales management systems, re-written data management policy and upgraded its internal controls, and we are not aware of any breach or additional employee thefts since that time.

Related
SIM-Swap Crypto Thefts Get Out of Hand as Bitcoin Price Reaches New Highs

SIM-swapping threats 

According to the report, whoever was responsible for the breach initially intended to sell stolen information on the dark web, but the idea of SIM-swapping appears to be more lucrative.

By convincing phone carriers to hijack SIM cards linked to Coinsquare’s users, criminals can get around two-factor authentication (2FA) and get access to their exchange funds.

As reported by U.Today, an entrepreneur from California lost $1.8 mln due to a SIM-swapping attack.   

The authenticity of the data was confirmed by Motherboard. All provided addresses have been already occupied and couldn’t be found on the web. 

Related
dForce DeFi Protocol Hacked, $25M in Bitcoin (BTC) and Ethereum (ETH) Stolen

A tough start of 2019 

Notably, Coinsquare was ‘eerily silent’ about the data leak ack back in 2019, as noted by one of its customers.   

One of the legitly-looking leaks was posted on Reddit last year, and some users were able to find their email addresses.

Last year, the company had 40 of its employees laid off due to unfavorable market conditions.

This came right after the users of QuadrigaCX, the largest Canadian exchange, lost access to their funds after the death of its CEO who was the only person with access to all cold wallets. 

About the author

Alex Dovbnya (aka AlexMorris) is a cryptocurrency expert, trader and journalist with extensive experience of covering everything related to the burgeoning industry — from price analysis to Blockchain disruption. Alex authored more than 1,000 stories for U.Today, CryptoComes and other fintech media outlets. He’s particularly interested in regulatory trends around the globe that are shaping the future of digital assets, can be contacted at alex.dovbnya@u.today.

This site uses cookies for different purposes. Please set your preferences in Cookie Settings and visit our Cookie policy for more information on how and why cookies are used on this site. Click here for cookie policy