#BinanceSquareTalks In a significant security lapse, Coinbase, the largest U.S.-based cryptocurrency exchange, has disclosed a data breach resulting from bribed overseas contractors misusing their access to internal systems. The breach exposed sensitive customer information, including names, contact details, Social Security numbers, masked bank information, ID images, account balances, and internal corporate documents. However, no passwords, private keys, or funds were compromised. The financial impact of the breach is projected to be between $180 million and $400 million, encompassing remediation efforts and voluntary reimbursements to affected customers.
Coinbase became aware of the breach after receiving a threatening email on May 11, 2025, from an unidentified attacker claiming access to sensitive customer details and internal company documents. The attackers demanded a $20 million ransom, which Coinbase refused to pay. Instead, the company offered a $20 million reward for information leading to the arrest of the perpetrators.
In response to the breach, Coinbase has enhanced its fraud monitoring systems, terminated the involved contractors, and is cooperating fully with U.S. and international law enforcement agencies. The U.S. Department of Justice has initiated an investigation into the cyberattack, focusing on the criminal actors behind the breach.
The incident has prompted Coinbase to plan the establishment of a new U.S.-based support hub and implement further preventive measures to bolster its security infrastructure. Despite the breach, Coinbase's stock remains resilient, trading at $263.16 as of the latest update.
This breach underscores the growing threats facing the cryptocurrency industry, highlighting the need for robust internal security measures and vigilant monitoring of third-party contractors. $BTC
