Knock on wood: Coinbase is the only exchange yet to suffer a breach.
CEO Brian Armstrong revealed a secret to its success to Wall Street Journal reporter Paul Vigna at Consensus this morning: it hires spies, unbeknownst to most of the staff, who attempt to infiltrate the exchange’s offices and compromise the network.
“We hire third-party firms to try and break into it,” he explained. “They pose as candidates applying to work at Coinbase. Typically, only the head of security and me know that it’s a drill.
But the person will come in, and apply for a job, and try and get into the office, and try to break into our systems.”
Any luck? “They might breach one or two” layers of security, Armstrong said. But better them than, say, the hacker that stole $40 million from Binance. Or the hacker that stole $450 million from Mt. Gox. Or the hacker that stole $16 million from Cryptopia.
Armstrong said that customers’ funds are stored in a geographically distributed database and that the exchange is building the “generation four” of its cold-storage system—wallets that holds customers keys offline—which is rebooted every 18 months.
That’s a far cry from $190 million in a dead man’s wallet.