One of the largest exchanges in the crypto space, Coinbase, has discovered a bug that may affect around 3420 users. According to a blog post by Coinbase, the sign-up page ended storing registration details (including passwords) in text format, inside the server logs.
Coinbase has over 30 million users, the bug only affected a tiny amount.
More About The Bug
The customer would enter his details on the sign-up page and which in certain cases wasn’t loaded properly. When the customer proceeded with the final step of the registration process, the page would have crashed and the details were being sent to the internal logs.
Coinbase left a message to its users:
“While we are confident that we’ve fixed the root cause and that the logged information was not improperly accessed, misused, or compromised, we are requiring those customers to change their passwords as a best-practice precaution.”
Coinbase is a very secure exchange. It’s soo secure they claim it cannot be breached. They claim that only two security layers can be hacked, but those layers are not important. I have to agree here because Coinbase looks very secure.
For those interested, Coinbase has a bug bounty program running. So far they have paid over $250K to whitehat-hackers.