News Coinbase password bug hits 3,420 users

Coinbase password bug hits 3,420 users

-

- Advertisment -

Crypto exchange behemoth Coinbase discovered a bug in its signup page that led to registration details being stored in clear text in internal web server logs, they announced in a blog post on Friday. 

“Under a very specific and rare error condition,” their registration signup page wouldn’t load properly. A customer would enter their details but the page would crash, sending the “individual’s name, email address, and proposed password (and state of residence, if in the US)” to its internal logs.

If the user refreshed the page, and they signed up again using the same password–this time successfully–the password’s hash would match they one previously logged. 

Luckily, the glitch only harmed a tiny fraction of their user base. Coinbase has over 30 million users according to its website. Still, for those unlucky few, Coinbase has the following message:

“While we are confident that we’ve fixed the root cause and that the logged information was not improperly accessed, misused, or compromised, we are requiring those customers to change their passwords as a best-practice precaution.”

Though the hack was discovered internally, Coinbase has an active bug bounty program on HackerOne, which has so far paid over $250,000 to white-hatters. 

Generally, though, Coinbase’s cybersecurity has been squeaky clean. It’s currently the only major exchange yet to suffer a breach. Recently, a hacker stole $40 million from Binance, and another stole $450 million from Mt. Gox. 

As we wrote back in May, Coinbase is so secure it can’t even hack itself. CEO Brian Armstrong told Wall Street Journal reporter Paul Vigna that it hires spies to test its cybersecurity systems. The spies get a job at Coinbase and try to hack into their systems. “They might breach one or two” layers of security, Armstrong said, but no more. 

Source

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Latest news

Bitcoin SV has found a new niche in the gaming industry

Gaming companies and online casinos are increasingly paying attention to cryptocurrencies as a possible payment tool. Several...

Why could GLBrain become a great solution to receive support during the crisis?

To support smaller and medium-sized businesses during the ongoing crisis, GLBrain offers services cost-free for all Austrians....

Make Fast and Secure Trades Using Bitengo.io

Bitengo.io is a Cryptocurrency trading platform that allows users to buy and sell their Cryptocurrency in a...

Network Security Using Cryptography: Everything you need to know

This article will describe what is Network Security Using Cryptography and everything you need to know before...
- Advertisement -Coinbase password bug hits 3,420 users

Mercuriex Cryptocurrency Exchange Launches New Utility Token, SURF

MercuriEx Cryptocurrency Exchange, originally developed in 2017, came under new ownership in December 2019. Since taking over the exchange,...

Fungibility: Bitcoin Mixers Favorite Term That No One Understands

Fungibility, perhaps the most important concept when dealing with a decentralized and anonymous currency, but does bitcoin...

Must read

Bitcoin SV has found a new niche in the gaming industry

Gaming companies and online casinos are increasingly...
- Advertisement -

You might also likeRELATED
Recommended to you