Excerpt from Bleeping Computer Article, Published on May 21, 2025.
Coinbase, one of the world’s leading cryptocurrency exchanges, has confirmed a significant data breach that affected 69,461 customers. According to a disclosure filed with the Office of Maine’s Attorney General, unauthorized individuals working at Coinbase’s overseas retail support centers improperly accessed sensitive customer information. While Coinbase clarified that no passwords, seed phrases, or private keys were compromised, the attackers gained access to names, dates of birth, masked bank account details, addresses, phone numbers, emails, and the last four digits of Social Security numbers. In certain cases, images of government-issued IDs and detailed account information, including transaction histories and balances, were also exposed.
Coinbase warned that attackers could use the stolen data to conduct sophisticated social engineering attacks, impersonating Coinbase representatives to deceive users into transferring funds. In an alarming twist, the threat actors sent an extortion email on May 11, demanding a $20 million ransom to avoid releasing the stolen data publicly. Coinbase, however, refused to comply and instead announced a $20 million reward for tips leading to the perpetrators’ identification. This breach reportedly affected up to 1% of Coinbase’s global user base. The incident is still under investigation, but preliminary estimates suggest that Coinbase may incur losses ranging between $180 million and $400 million due to remediation costs and customer reimbursements.
In a filing with the U.S. Securities and Exchange Commission, Coinbase stated it would voluntarily reimburse affected retail customers who unknowingly sent funds to the attackers before the breach disclosure. Coinbase continues to urge users to be cautious of scam calls and emails, emphasizing that it will never request account details over the phone. For enhanced protection, Coinbase advises enabling two-factor authentication and withdrawal allow-listing. Coinbase remains under scrutiny as it works to regain user trust and mitigate the impact of this breach.
To delve deeper into this topic, please read the full article Bleeping Computer.
