加密交易所Coinbase的最新數據洩露事件引起了人們對用戶安全的擔憂

Coinbase是全球第三大加密貨幣交易所，確認其每月交易的每月用戶中只有不到1％的攻擊受到影響，該攻擊可能會花費高達4億美元的報銷費用

A recent data breach at crypto exchange Coinbase has raised concerns about user safety after hackers gained access to sensitive information, including home addresses.

加密交易所Coinbase的最新數據洩露事件引起了對黑客獲得訪問敏感信息（包括家庭住址）的擔憂。

Coinbase, the world’s third-largest cryptocurrency exchange, confirmed that less than 1% of its transacting monthly users were affected in an attack that may cost the exchange up to $400 million in reimbursement expenses, Cointelegraph reported on May 15.

Cointelegraph報導，Coinbase是世界第三大加密貨幣交易所，確認其每月交易的每月用戶中只有不到1％的攻擊受到影響，該襲擊可能使交易所損失高達4億美元的報銷費用。

However, the “human cost” of this data breach may be much higher for users, according to Michael Arrington, the founder of TechCrunch and Arrington Capital.

但是，根據TechCrunch和Arrington Capital的創始人邁克爾·阿靈頓（Michael Arrington）的說法，用戶的“人為成本”可能要高得多。

“Very disappointed in Coinbase right now. Using the cheapest option for customer service has its price,” Arrington said in a May 20 X post, adding:

“現在對Coinbase感到非常失望。使用最便宜的客戶服務的選擇有其價格。”阿靈頓在5月20日的帖子中說：

Very disappointed in @Coinbase right now. Using the cheapest option for customer service has its price.https://t.co/M9p55L7P9v

現在對@coinbase感到非常失望。使用最便宜的客戶服務的選項具有其價格。

— Michael Arrington (@arrington) May 20, 2024

- 邁克爾·阿靈頓（@Arrington）2024年5月20日

While no passwords, private keys or account funds were exposed, cybercriminals reportedly bribed overseas customer service contractors to access internal systems. This allowed them to steal personal data that could be used in social engineering scams or even physical extortion attempts.

儘管沒有曝光密碼，私鑰或帳戶資金，但據報導，網絡犯罪分子賄賂了海外客戶服務承包商來訪問內部系統。這使他們能夠竊取可用於社會工程騙局甚至物理勒索嘗試中的個人數據。

With Bitcoin (BTC) trading above $100,000, crypto wealth has become a growing target for criminals. Experts warn that leaked address data could expose high-net-worth individuals to real-world risks.

隨著比特幣（BTC）的交易超過100,000美元，加密貨幣財富已成為犯罪分子的越來越多的目標。專家警告說，洩漏的地址數據可能會使高淨值個人面臨現實世界中的風險。

On May 16, Cointelegraph reported on six violent robberies that targeted cryptocurrency investors, aiming to extort digital assets via kidnapping or torture.

5月16日，Cointelegraph報導了六次暴力搶劫，這些搶劫針對加密貨幣投資者，旨在通過綁架或酷刑勒索數字資產。

In a ruthless attack on May 4, the father of a French crypto entrepreneur was abducted in Paris, France. The kidnappers cut the victim’s finger and sent a video to his son, demanding 5 million euros in crypto.

在5月4日的無情襲擊中，法國加密企業家的父親在法國巴黎被綁架。綁架者割斷了受害者的手指，並向兒子發送了一段視頻，要求在加密貨幣中提供500萬歐元。

The victim was held for two days before French police were able to find and rescue him. According to CNN, five people were arrested in connection with the kidnapping.

在法國警察能夠找到並營救他之前，受害人被關押了兩天。根據美國有線電視新聞網（CNN）的說法，五人與綁架有關。

To prevent similar user data breaches, crypto exchanges need to adopt a “layered defense strategy,” according to Ronghui Gu, the co-founder of CertiK Web3 security firm.

Certik Web3安全公司Ronghui GU表示，為防止類似的用戶數據洩露，加密交易所需要採用“分層防禦策略”。

“This can include privileged access management, zero trust architecture, multifactor authentication across internal systems, and continuous monitoring with behavioral analytics,” Gu told Cointelegraph, adding:

“這可以包括特權訪問管理，零信任體系結構，跨內部系統的多因素身份驗證以及通過行為分析的連續監視，” GU告訴Cointelegraph，並補充說：

Crypto platforms will need to rethink their security posture as attackers are increasingly targeting human vulnerabilities rather than technical ones. This includes recognizing the threat of social engineering schemes.

加密平台將需要重新考慮其安全姿勢，因為攻擊者越來越多地針對人類脆弱性而不是技術脆弱性。這包括認識社會工程計劃的威脅。

However, crypto platforms will need to “rethink their security posture” as attackers “increasingly target human vulnerabilities rather than technical ones,” added Gu, warning of the rising threat of social engineering schemes.

但是，加密平台將需要“重新考慮其安全姿勢”，因為攻擊者“越來越針對人類的脆弱性，而不是技術脆弱性”。

Social engineering schemes, such as phishing scams, were the most significant security threat of 2024, costing the industry over $1 billion across 296 incidents, according to CertiK.

根據Certik的說法，社會工程計劃（例如網絡釣魚騙局）是2024年最重大的安全威脅，在296起事件中，該行業損失了超過10億美元的行業。