At the beginning of the month, BitcoinExchangeGuide reported about Grayscale Investments entering into agreements with Coinbase Custody to serve as its Custodian, effective July 29, 2019.
Grayscale joined a roster of world-class institutions that have chosen to partner with Coinbase Custody, including leading crypto funds like Polychain Capital, Autonomous Partners, a16z crypto, and many more.
There were rumors surrounding the potential acquisition of Xapo by Coinbase since May 2019. The cause of it was the company trying to add other assets but without having to increase their own prices. Even though there are some people who have criticized this decision, the service is has been clear about maintaining customer security as a priority.
Earlier today, Yogita Khatri of the Block Crypto reported that rivals BitGo has warned about Xapo customers who vary about the deal.
Xapo’s clients were being transferred to Coinbase. BitGo acknowledges that rival crypto custodian Xapo built a great business because they were a serious custodian that understood their responsibilities to their clients. In the blog post, they go on to say,
“The clients calling us are concerned about the safety of their digital assets and we want to make sure they have a choice. That’s why we’re announcing that through the end of September, qualifying clients can custody their assets with BitGo Trust, the first qualified custodian purpose-built for digital assets with no custody fees for the next year.”
BitGo’s CEO Mike Belshe told The Block Crypto earlier that competition has chances to be eliminated. He said that he doesn’t believe that it’s driving it to have very low prices. Although BitGo says that their motives are altruistic saying;
“Our focus is being a great custodian. That means offering the best client service and most secure protections for digital assets because it benefits the entire ecosystem.”
Coinbase Security Breach: 3,420 Names, Passwords, And Email Addresses Exposed
It’s been recently reported that Coinbase Custody bought Xapo’s institutional business and this move made the entity the largest custodian in the whole world.
Now, Coinbase is in the news again and this time it’s far from being something positive.
Coinbase exposed user data
The crypto exchange revealed that it accidentally exposed the passwords of 3,420 customers due to a security glitch that took place.
The exchange claims that some of the customers’ registration details have been temporarily stored in plain text files on the internal server of the platform.
“Under a very specific and rare error condition, the registration form on our signup page wouldn’t load correctly, which meant that any attempt to create a new Coinbase account under those conditions would fail. Unfortunately, it also meant that the individual’s name, email address, and proposed password (and state of residence, if in the US) would be sent to our internal logs,” according to official notes.
On the other hand, the exchange doesn’t think that bad actors found the files. Still, they decided that it’s worth taking precautionary measures just in case anyone accessed the data.
“After we identified and fixed the bug, we traced back all the places where these logs might have ended up. Access to all of these systems is tightly restricted and audited. A thorough review of access to these logging systems did not reveal any unauthorized access to this data,” according to reports from the Daily Hodl who cites official data.
Coinbase also said that they triggered a password reset for all affected users.
Binance was recently hacked
This issue with Coinbase comes right after Binance was hacked and user data was leaked online.
Binance’s KYC data was hacked, and the info has been uploaded into a Telegram Group that’s called “Find Your Binance KYC.”
Barclays Ends Agreement with Coinbase
Barclays, London-based global bank, announced that it has ended its banking ties with US-based cryptocurrency exchange, Coinbase.
The report has it that Coinbase has already found a banking replacement in UK upstart, ClearBank. According to experts, the change in bank will indirectly bother the platform users.
All parties involved (Barclays, ClearBank, and Coinbase) have refused to comment on the ongoing divorce bill.
Why is the banking relationship ending?
The exact reason for Barclay and Coinbase ending their banking relationship remains unknown. Some sources have speculated that the reasons for this break-up might be linked to Barclays getting cold feet about Coinbase crypto clients.
Other sources pointed out that Barclays got uncomfortable with Coinbase’s request to add more cryptocurrencies on its platform for trading. While a crypto expert simply described the Coinbase-Barclays relationship as a pilot relationship that has simply run its course.
It should also be duly noted that Coinbase obtained a bank account with Barclays in early 2018. The collaboration was welcomed by many because crypto-firms can have a tough time getting banking partners. The exchange was also granted an e-money license by the UK Financial Conduct Authority (FCA) and was the first crypto-firm to gain access to FPS.
Barclays and Circle
Coinbase was not the only crypto company to successfully ramp Barclays onboard. In 2016, when the bank was perhaps more enthusiastic about the technology, Barclays said it was working with Circle Internet Financial.
“We can confirm that Barclays Corporate Banking has been chosen as a financial partner by Circle, and we support the exploration of positive uses of blockchain that can benefit consumers and society,” Barclays said.
Barclays and Circle (which has since shifted its focus from retail payments to crypto trading) declined to comment on the status of their relationship.
Last week, Coinbase has announced its support for ALGO token on its Coinbase Pro platform. The token will be available for trading on Coinbase Pro from the 14th of August 2019.
Coinbase Says Security Failure Exposed 3,420 Names, Passwords and Email Addresses
The leading US crypto exchange Coinbase says it accidentally exposed the passwords of 3,420 customers due to a security glitch.
According to the exchange, some of its customers’ registration details were temporarily stored in plain text files on its internal server.
“Under a very specific and rare error condition, the registration form on our signup page wouldn’t load correctly, which meant that any attempt to create a new Coinbase account under those conditions would fail. Unfortunately, it also meant that the individual’s name, email address, and proposed password (and state of residence, if in the US) would be sent to our internal logs.”
Coinbase doesn’t think anyone found the files, but they’re taking precautionary measures in case anyone accessed the data.
“After we identified and fixed the bug, we traced back all the places where these logs might have ended up. We have an internal logging system hosted in AWS, as well as a small number of log analysis service providers. Access to all of these systems is tightly restricted and audited. A thorough review of access to these logging systems did not reveal any unauthorized access to this data.
Additionally, we triggered a password reset for impacted customers, even though a password alone is not sufficient to access a Coinbase account — our device verification emails and mandatory 2FA mechanisms would both have been triggered and blocked any unauthorized login attempts.”
The discovery comes after a potentially major breach on the crypto exchange Binance. The photos of more than 60,000 individual users who sent KYC information to the company have allegedly leaked. The photos were taken between 2018 and 2019.
In addition, a friendly white hat hacker also hacked into Binance Jersey’s Twitter account on Friday. Binance says it will offer a reward to the hacker for exposing a security loophole.
“On August 16, 2019 at 15:00 UTC, a white hat hacker was able to gain access to the @BinanceJE (Binance Jersey) Twitter account by social engineering the email domain name service provider used by Binance Jersey.
The white hat hacker posted a few tweets from the Twitter handle @BinanceJE, then deleted them. The white hat hacker was cooperative and open in his communications with our security team, and we were able to restore the domain name within a few minutes and the Twitter handle a couple of hours later. We will issue a security bug bounty to the white hat hacker, as well as investigate the incident further with our service provider. All funds on Binance.JE are safe. No data was compromised.”