Over 6000 customers faced phishing attack on coinbase platform. The giant company revealed that it's customers' funds were removed from their account. As a result, phishing attack saw hackers get the SMS authentication feature that was used to secure the accounts.
In a letter, coinbase said hackers had the access to victim's email account. They then used the compromised accounts to withdraw the funds. Though coin base requires two factor authentication, the SMS version where users get a text message to confirm transaction went down.
The letter further says hackers took an advantage in the two factor authentication bug and gained access to the account. Coinbase has decided to give back the amount that was lost during the phishing attack. Coin base has told the customers to switch to a more reliable form of two factor authentication such as external hardware device.