Coinbase data breach affects nearly 70,000 users
Date: 2025-05-22 Author: Oliver Abernathy Categories: BUSINESS
A major leak that occurred last December left 69,461 Coinbase users with sensitive information. The company officially notified the state of Maine about it. As it turned out, the cybercriminals used social engineering methods and bribed overseas support employees to gain access to the company's internal systems.
The criminals demanded $20 million from Coinbase, threatening to publish the data on the darknet. The attackers got their hands on information related to the KYC procedure, such as usernames, email addresses, and emails. However, passwords, private keys, and customer funds were not affected.
The company noted that the leak affected less than one percent of the total number of active users on the platform. However, the financial consequences were serious - the costs of settling the incident and compensating customers could amount to between $180 and $400 million. To catch the culprits, Coinbase announced the creation of a $20 million reward fund and has already passed on information about the employees involved to the investigation.
Michael Arrington, the founder of TechCrunch, harshly criticized Coinbase for its slow response to the incident. He emphasized that such KYC data leaks pose a potential threat to the physical safety of customers. In his opinion, the damage from such incidents is measured not only in money, but also in human suffering, and companies and regulators continue to ignore vulnerabilities in the "know your customer" system.
In comparison, other large exchanges - such as Binance and Kraken - were able to successfully repel attacks using similar social engineering methods in the recent past, avoiding compromising the data of their users.
