Hackers stole almost 50,000 email addresses from Canada-based cryptocurrency exchange, Coinsquare. Now, they’re hoping to use the data to perform SIM swapping attacks.
One of the alleged hackers involved in the attack spoke to VICE Motherboard on June 2, explaining that the collective was originally looking to sell the information, but realized they could “make more money by SIM swapping the accounts.”
SIM swapping’s modus operandi
SIM swapping consists of a hacker hijacking the target’s mobile phone number, giving them the ability to request password resets for any website where the victim’s phone is used for two-factor authentication.
Said maneuver is frequently used to steal cryptocurrencies, and could represent a risk to millions of Bitcoin (BTC), Ethereum (ETH), and other cryptocurrencies stored on custodial exchanges.
VICE Motherboard states that the information obtained includes phone numbers, and physical addresses. It also includes data on how much each user deposited in their account in the first six months, and the user’s “high-value client” rating within Coinsquare’s platform.
The hack occurred by an employee’s theft of information
Stacey Hoisak, general counsel for Coinsquare, gave more details on the attack on VICE Motherboard, stating that it occurred in 2019. He continued:
“The data was obtained as the result of employee theft of information contained within a client relationship database used for prospecting.”
Hoisak says the company replaced internal sales management services, rewrote data management policy, and upgraded its internal control in an effort to avoid additional employee theft.
In 2019, the cryptocurrency exchange partnered with the US-based crypto payments startup, Flexa, to bring in-store digital currency payments to Canada.