The cryptocurrency exchange that claims to have never been hacked, Coinbase, may in fact have had its hot wallet hacked as early as 2013.
That’s according to journalist and author Jeff Roberts, who divulged the tidbit on Ep. 126 of the Unchained podcast, while promoting his book, “Kings of Crypto: Coinbase and the Coming Disruption of Finance.”
Decrypt has reached out to Coinbase multiple times for comment. This article will be updated when we hear back.
Roberts claims Coinbase’s hot wallet was hacked just a year after the company’s inception in 2012, and that the hacker made away with $250,000 worth of Bitcoin. As opposed to a cold wallet, a hot wallet is a cryptocurrency wallet which is connected to the internet, and in a sense, “live.” This leaves it much more prone to attack by hackers.
Roberts explained on Unchained: “Coinbase likes to boast they’ve never been hacked—that’s not actually true.”
“In the early days when there were just five of them; Charlie Lee and Brian [Armstrong] and Fred Ehrsam, and a couple of other folks. One of their vendors did get in and rob their hot wallet to the tune of $250,000. I can’t remember how many Bitcoins it was at the time, but it was a lot,” said Roberts, adding, “This was a long time ago of course, this was 2013 or 2014.”
Based on the fluctuations in Bitcoin’s price between 2013 and 2014, the $250,000 haul could equate to 200 Bitcoin, or over 2,000. If it were the latter, that would have given stolen coins a value of over $40 million in December 2017—when one Bitcoin was priced at $20,000.
Roberts said that despite the hack, Coinbase’s reputation and security remain strong. However, they can no longer “boast” of having never been hacked. “Coinbase is very secure and has a good reputation—but they haven’t been infallible, that’s for sure,” said Roberts.
As Decrypt reported last year, Coinbase hires third party firms to try to break into its own systems. These firms will even pose as workers, with only Coinbase CEO Brian Armstrong and Coinbase’s head of security aware of the infiltration. If they do find any security weaknesses, they report back to Coinbase, which fixes them.
This level of security has paid off. In August 2019, Coinbase revealed how it prevented a sophisticated hacking attempt that tried using emails to infect computers at the exchange with a virus.