Coinbase Incident Reveals That Error Logs Are An Attack Vector
Coinbase has revealed that the name, email, password, and state of residence of 3,420 users was stored on their servers in an unencrypted format, leaving this information potentially accessible to hackers. To be clear, in this case Coinbase asserts that there was no unauthorized access to this data, but this incident reveals an important attack vector: error logs.
A widespread problem with usernames, emails, and passwords is that people often use the same password for everything. Thus, if a hacker would obtain an email and password from the error logs, they would then be able to break into emails, social media accounts, and perhaps even critical financial accounts.
In this specific case Coinbase responded quickly and fixed the root of the problem, and had affected users change their password, but this incident should be taken as a warning for all webmasters. Basically, hackers could target the error logs of any website in order to compromise user’s accounts, and webmasters need to be on top of this. Perhaps encrypting the error logs is a solid catch-all solution for this issue.
Also, internet users should try to use different passwords for different websites, so if one of their accounts is compromised it does not lead to all of their accounts being compromised. Additionally, using 2 Factor Authentication (2-FA), where a code from a text message or Google Authenticator is required to login, can prevent an account from being breached by a hacker even if the password is compromised.
Zooming out, cryptocurrency exchanges have numerous risks including the possibility for identification and financial information to be compromised, funds being frozen or reversed, and the ever present possibility that an exchange could be hacked and lose all of its funds. Cypherpunk Labs will explore the safety and security issues surrounding cryptocurrency exchanges in future articles.