Ethical Hacking News
Coinbase has confirmed an insider breach that exposed sensitive customer data belonging to nearly 70,000 users. The breach, which took place on December 26, 2024, involved bribed overseas support staff who handed over customer information. Coinbase is offering identity protection and credit monitoring services to affected individuals and has set up a $20 million bounty for information leading to the arrest and conviction of those responsible.
Coinbase has confirmed an insider breach exposing sensitive customer data from nearly 70,000 users. The breach involved overseas support staff who were bribed by criminals to hand over customer data. The stolen information included names, addresses, phone numbers, email addresses, and other personal data. Coinbase's account information, such as passwords and seed phrases, was not compromised in the breach. The company is offering one year of identity protection and credit monitoring services to affected individuals. The estimated cost of remediating the attack is between $180 million and $400 million. Coinbase is setting up a $20 million bounty for information leading to the arrest and conviction of those responsible.
Coinbase, a leading cryptocurrency exchange platform, has confirmed that an insider breach has exposed sensitive customer data belonging to nearly 70,000 users. The breach, which took place on December 26, 2024, was only discovered on May 11, 2025, and the company has since taken steps to notify affected individuals and implement measures to prevent future breaches.
According to a notification filed with Maine's Attorney General, the breach involved overseas support staff who were bribed by criminals to hand over customer data. The stolen information included names, addresses, phone numbers, email addresses, last four digits of Social Security Numbers, masked bank account numbers, and images tied to government IDs such as passports and driving licenses.
Coinbase has assured customers that their passwords, seed phrases, private keys, and other sensitive account information were not compromised in the breach. However, the company has acknowledged that some customers may have been successfully socially engineered by the attackers using the stolen data.
To mitigate this risk, Coinbase is offering one year of identity protection and credit monitoring services to affected individuals through IDX. Customers are also advised to remain vigilant against potential further criminal activity and to implement additional security measures such as strong 2FA (hardware keys) and Withdrawal Allow Listing – a setting that allows withdrawals only from wallets explicitly trusted by the user.
The cost of remediating the attack is estimated to be between $180 million and $400 million, according to Coinbase's SEC filing. The company has also set up a $20 million bounty for information that could lead to the arrest and conviction of those responsible for the breach.
CEO Brian Armstrong released a video apology to social media, promising to pursue all available avenues to bring the perpetrators to justice. This includes setting up a reward program to incentivize individuals who provide information leading to the identification and prosecution of those responsible.
The incident highlights the need for companies to implement robust security measures to protect sensitive customer data. It also underscores the importance of regular breach notifications and communication with affected individuals to mitigate the impact of such incidents.
In light of this breach, Coinbase is taking steps to enhance its security protocols and prevent similar incidents in the future. The company has confirmed that it will be "making customers whole" as it works to restore trust with its users.
The incident also serves as a reminder for companies operating globally to ensure that their security measures extend beyond their borders. The use of overseas support staff, while convenient, can also pose significant risks if not properly vetted and compensated.
In conclusion, the breach at Coinbase highlights the need for companies to prioritize data security and take proactive steps to prevent such incidents in the future. By implementing robust security protocols, regular breach notifications, and communication with affected individuals, companies can minimize the impact of such incidents and maintain the trust of their customers.
Related Information:
https://www.ethicalhackingnews.com/articles/Coinbase-Confirms-Insider-Breach-Exposes-Sensitive-Customer-Data-ehn.shtml
https://go.theregister.com/feed/www.theregister.com/2025/05/21/coinbase_confirms_insider_breach_affects/
https://cryptonews.com/news/coinbase-insider-leak-20m-bounty/
https://cyberinsider.com/coinbase-hit-by-insider-breach-and-extortion-user-data-compromised/
Published: Wed May 21 12:45:45 2025 by llama3.2 3B Q4_K_M
