Coinsquare, a Canadian-based cryptocurrency exchange company has suffered a cyber-security breach which resulted in about 50,000 email addresses and phone numbers stolen by hackers with the intention of using them to perform a SIM swap attack.
The stolen data were meant to be sold but trading the SIM records may amount to getting more cash as revealed to VICE Motherboard on June 2 by a member of the cybercriminals involved in the hack.
Other sensitive information stolen by the hackers includes physical addresses, user’s “great customer rating”, and details of the deposits made by each user for the past six months on the company’s platform according to VICE Motherboard.
Cole Diamond, CEO of Coinsquare explained that the cyber-hack was carried out by external perpetrators with no evidence of the company’s involvement as Coinsquare’s networks have not for once been breached.
How Sim Trading Works
Trading sim cards via swapping involves a victim’s mobile phone number being hijacked by hackers, granting them access to request a password reset on any platform the victim phone number might have been activated for two-factors authentication.
This poses risk to millions of cryptocurrency users as this method is often deployed by cybercriminals to pilfer cryptocurrencies like Bitcoin (BTC), Litecoin (LTC), Ethereum (ETH) and others.
Coinsquare Employee’s Involvement
In Coinsquare CEO’s words to VICE Motherboard “the previous theft of sensitive information was carried out by an employee from an external CRM network which took place about a year and six months back” he continued further “while hackers might have not stolen any data, they reportedly have it now.”
Stacey Hoisak, Coinsquare General Counsel opened up more on the attack to VICE Motherboard, he said that the former attack occurred in 2019, “with sensitive information stolen by employees of information as contained in a customer relations database utilized for prospecting but that Coinsquare replaced internal sales management services, upgraded the internal controls, and revised the data management system to halt future occurrence.”
The same year, there was a partnership between Coinsquare and Flexa, an American crypto payment start-up to introduce digital currency payments to Canadian stores situated in Canada.