Coinbase has accidentally saved 3420 passwords without encrypting them which means they were stored in text on Coinbase servers. The team assured customers that their information was not accessed by anyone else and they have reached most of the affected clients already through email, informing them about the issue and requiring a password change.
Coinbase team explained what happened in a blog, saying that the bug happened due to a rare error condition where the registration form on the signup page wouldn’t load correctly.
Coinbase also said that this still wouldn’t have been enough to access someone else account because of the mandatory 2FA mechanism they have enabled. Coinbase also maintains an active bug bounty program that has paid over $250,000 to date.
Coinbase announced 2 days ago that they acquired Xapo’s institutional business and have crossed $7 billion in assets under custody. Coinbase was founded in 2012 and has become one of the biggest cryptocurrency exchanges in the world, especially in the U.S.
Brian Armstrong the CEO of Coinbase said in a tweet that they were seeing $200-400 million a week in new crypto deposits from institutional customers.
Whether institutions were going to adopt crypto or not was an open question about 12 months ago. I think it's safe to say we now know the answer. We're seeing $200-400M a week in new crypto deposits come in from institutional customers.
— Brian Armstrong (@brian_armstrong) August 16, 2019