Coinsquare, a Canadian crypto exchange that enables its users to trade Bitcoin, Ethereum, and other cryptocurrencies, confirmed that its customer information was stolen by an ex-employee last year. Cybercriminals laid their hands on this data and are now reportedly going to carry out SIM swapping attacks.
According to Stacey Hoisak, Coinsquare’s general counsel, the data theft took place a year ago by a now ex-employee of the company from the Customer Service system. They had notified the law enforcement and data protection authorities concerned, as well as all known impacted users at the time as soon as the data theft was detected.
As per Vice Media’s interview with an anonymous hacker, the cybercriminals want to “embarrass the company (Coinsquare) for claiming they were the most secure Canadian exchange on their website.” Initially, they thought of selling or auctioning this data which includes CoinSquare clients’ email addresses, phone numbers, and physical addresses. However, they later thought of using it in SIM swapping attacks as it would bring them additional monetary benefits.
Since the data theft, Coinsquare has streamlined and introduced sophisticated internal controls to avoid insider threats. They have also re-written their older data management policies and changed their customer management systems for an increased level of protection.
Insider Threat: A Rising Concern
A recent survey report “2020 Cost of Insider Threats: Global Report” from the Ponemon Institute revealed that insider threats increased by 47% from 3,200 in 2018 to 4,716 in 2020. It also revealed that the cost of insider threat incidents surged by 31% from $8.76 million in 2018 to $11.45 million in 2020.
According to the survey, negligent employees are responsible for around 62% of security incidents, costing organizations an average of $307,111 per incident. The fastest-growing industries for insider threats are the retail sector (38.2% two-year increase) and the financial services sector (20.3% two-year increase). It takes 77 days for a company to contain each insider threat incident, and only 13% of the analyzed security incidents were contained in less than 30 days, the report stated.