13-06-2025
How Safe Are Financial Institutions from Cyber Attacks?
The recent data breach at Coinbase may be making headlines, but this crypto-related cybersecurity incident is hardly the first, and certainly not the last, to happen. Given the value of personal and financial data, it should come as no surprise that the sector most often targeted by cybercriminals is financial services.
The incident demonstrates that it could be dangerous if the exchanges are not evolving their security tools with time as hackers have adapted their strategies to capitalize on cybersecurity leaks and gaps. It is worth noting that previously Coinbase was considered 'the world's safest crypto exchange.'
At the recent CEO Connect: May Edition, Binance CEO Richard Teng touched on the latest cyberattack trends and on the best ways to combat this risk. As Teng stated, 'We've seen a rise in increasingly sophisticated scams. That's why we've strengthened both our technical defenses and user awareness efforts.' Teng continued, 'The first layer is our responsibility—firewalls, detection systems, AI threat modeling. But the second layer is just as critical: users must know how to secure their wallets, use 2FA, and avoid phishing attempts.' Taking a closer look at Binance's security approach, one can argue that it could be a great approach in preventing such attacks.
Earlier this month, Coinbase announced that it had been the victim of a major security breach. According to the company, personally-identifiable information (PII) from 76,000 customers was stolen via an insider-assisted data exfiltration.
Although there was no direct financial cost from this data theft, according to Reuters, Coinbase could end up on the hook for a hefty monetary setback, due to potential remediation and customer reimbursement costs, as the stolen data could potentially be used for phishing and SIM-swap scams. 'We will reimburse customers who were tricked into sending funds to the attacker,' Coinbase says on its website.
It shows that just a heavy spending on cybersecurity infrastructure is not adequate in mitigating the exchanges' cybersecurity-related risks. The companies need to practice much diligence with regard to vetting their customer service staff, conducted by contractors located offshore.
According to Coinbase, these contractors voluntarily helped the hackers, as they received bribes in exchange for exposing sensitive customer information. For the financial services industry, insider threat-related incidents have become an increasingly common security risk. As revealed in a cybersecurity survey published earlier this year, one-third of financial institutions surveyed noted that insider threats were a top threat, in light of the prevalence of phishing attacks and similar scams.
It is also important that the exchanges pay heed to the security red flags raised from time to time. In the case of Coinbase, independent blockchain investigator ZachXBT had been documenting a pattern of very convincing social engineering scams hitting the exchange's users since December 2024, suggesting that the data grab in May, or similar efforts, might have been in the works for a while.
All the security spending in the world will not prevent a threat if other aspects of operations, like offshore staff, are not handled with strong diligence. Alongside the aforementioned remarks, Binance CEO Richard Teng also gave a brief overview of his own company's cybersecurity practices. Namely, how Binance operates with two core layers of security, with a user security layer complementing the technical layer.
Empowering users through education, the best way to fight back against cyber criminals, including criminals targeting users via phishing attacks. Although Teng did not touch in detail on how Binance is safe against vulnerabilities from insiders, the exchange did recently thwart an attempted cyberattack.
With this in mind, financial institutions, new and old, may want to take a closer look at additional security protocols and determine ways that they can incorporate similar measures into their respective security stacks.
Note To Readers: Readers are advised that Crypto products and NFTs are unregulated and involve significant risks. There may be no regulatory recourse for losses arising from such transactions.
Hindustan Times/HTDS shall not, in any manner, be responsible or liable for the content of the article, advertisement, including the views, opinions, announcements, declarations, or affirmations expressed therein and is absolved from any legal action or enforceable claims. This content is for informational and awareness purposes only and does not constitute financial advice."
Want to get your story featured as above? click here!
