• Coinbase data breach impacted 69,461 users’ personal information.

  • Insiders bribed to leak names, addresses, and bank details.

  • No funds or passwords stolen; Prime accounts unaffected.

  • Coinbase offers $20M reward to catch attackers.

  • Enhanced security and user reimbursements promised.

#Coinbase #DataTheftAlert #cybersecurity #insider threat
On December 26, 2024, Coinbase, a leading cryptocurrency exchange, suffered a significant data breach. Cybercriminals bribed rogue overseas support agents to access sensitive customer information. The breach, detailed in a Maine Attorney General filing, impacted 69,461 users, exposing names, addresses, and phone numbers.

The incident remained undetected until May 11, 2025. Coinbase confirmed that less than 1% of its monthly transacting users were affected. No passwords, private keys, or funds were compromised. Prime accounts remained secure.

How the Breach Occurred

Cybercriminals targeted Coinbase’s outsourced support team. They recruited agents through bribes, gaining unauthorized access to customer data. The stolen information was used to facilitate social engineering attacks. Attackers demanded $20 million in Bitcoin to withhold the data.

Coinbase refused the ransom. Instead, the company offered a $20 million reward for information leading to the attackers’ arrest and conviction. The breached data included sensitive details like government-issued IDs and bank information for some users.

The company identified and terminated the rogue employees. Legal consequences for those involved remain uncertain due to their overseas locations. Coinbase is working with authorities to investigate further.

Coinbase’s Response and User Impact

Coinbase acted swiftly upon discovering the breach. The company notified affected users and promised full reimbursement for any losses. Enhanced security measures are being implemented to prevent future incidents.

The Maine Attorney General’s filing highlighted the scale of the breach. It emphasized the risks of outsourcing sensitive operations. Coinbase assured users that no financial assets were stolen. The company is providing credit monitoring services to affected customers.

The breach raises concerns about data security in the cryptocurrency industry. Users are urged to remain vigilant against phishing attempts and social engineering scams. Coinbase has pledged to strengthen its internal controls.