|
|
|
|
|
|
by fckgw
405 days ago
|
|
|
Looking at their blog post, it seems like they paid customer support agents to hand over sensitive data. The attackers did not have access to any agent accounts themselves, and the customer service agents were accessing data they were already privileged to anyways. https://www.coinbase.com/blog/protecting-our-customers-stand... |
|
|
That's not how front line support agent access should work. You get access based on active cases you are working on, not the keys to the kingdom because you might need to support a member at some future point in time.