Cryptocurrency company Coinbase Global Inc. has fallen victim to a brazen cyber attack, one that highlights the insidious threat of human greed in the digital age. The scam, which involved bribing customer support agents with cash in exchange for sensitive user data, is a stark reminder that even the most robust cybersecurity defenses can be breached by those who are willing to compromise their own integrity.
The attackers, who made off with customer names, addresses, government ID images and other confidential information, then used this stolen data to pose as Coinbase and dupe customers into giving up their crypto. The company detected suspicious activity involving its customer support agents gathering unnecessary information about users, but it wasn't until an unknown attacker emailed Coinbase demanding a $20 million ransom that the true extent of the breach became clear.
Coinbase has since revealed that the representatives were operating as part of the same scheme, and the company now expects to pay up to $400 million to resolve the incident. The staggering cost of this breach serves as a stark warning to companies about the importance of protecting themselves against insider threats.
According to Matt Cohen, CEO of cybersecurity firm CyberArk, the episode points to the "fragility of the human access point." "It's still always going to be the weakest link — the people themselves," Cohen said. "Whether they're being phished to be breached or paid to be breached, it doesn't change the fact that the vulnerability layer sits with people."
Cohen's words are echoed by security researchers who have long warned about the dangers of insider threats. In 2022, the hacking group Lapsus$ made headlines by compromising big victims including Microsoft Corp., Okta Inc. and Samsung Electronics Co. The cybercrime spree was so successful in part because the gang posted in its public Telegram channel offering compensation to employees at tech firms in exchange for providing data or giving hackers a foothold into corporate networks.
Security experts describe the tactics used by Lapsus$ as "quite bizarre," but also remarkably effective. The group's methodology proved highly successful, and this kind of breach continues to work because so many corporate employees and contractors are paid low salaries and based outside the US. Companies trying to fix this issue will need to spend on more than just cybersecurity, especially as experts expect this kind of breach to become more common.
"Ten years ago it was largely unheard of for cybercriminal organizations to take advantage of the insider threat, at least monetarily," said Allan Liska, a threat intelligence analyst at the cyber firm Recorded Future. "As these organizations continue to grow and profit from their attacks they will get better and more efficient at connecting with and bribing employees, contractors, partners and vendors for access."
This kind of breach serves as a stark reminder that cybersecurity is not just about technology, but also about people. As the threat landscape continues to evolve, companies will need to prioritize employee training and incentives to prevent this kind of breach from happening again.