Not sure why this is coming out when it is, but 6,000 accounts were hacked due to a “vulnerability” in Coinbase’s SMS 2 factor authentication system. Coinbase can’t say for certain how the hackers got in, but they do say the hackers would have needed account email addresses, phone numbers and passwords to make that happen. The possibility that the account holders were victims of phishing attempts or social engineering are most likely.
Luckily, Coinbase is refunding anyone exposed to this hack, which is the right thing to do.
Not much is being shared about why this is news was just released in September, which leads me to believe either the CA DOJ was involved in that decision, or Coinbase was trying to time the market.