PANews reported on August 22, according to Business Insider, that Coinbase CEO Brian Armstrong stated that the company was forced to adjust its 'remote-first' policy due to North Korean IT personnel attempting to leverage remote work policies to gain access to sensitive systems. Coinbase now requires all employees to attend in-person onboarding training in the U.S., and those involved with sensitive systems must be U.S. citizens and undergo fingerprint verification. Additionally, Coinbase is collaborating with law enforcement to address this threat and strengthen internal information security controls.
Some employees have been threatened or bribed to leak sensitive information, and Coinbase has made it clear that such actions will result in serious legal consequences. To address cybersecurity risks, the company has also expanded its domestic customer support team in the United States, including new facilities in North Carolina.