Hackers Had Access to Coinbase Customer Data Since January: Report

By: cryptopotato|2025/05/16 10:30:08
0
Share
copy
Following the recent Coinbase $400 million breach, it has been revealed that hackers gained unauthorized access to sensitive customer data as early as January.A person familiar with the matter said the attackers had constant access by bribing customer service representatives, eventually demanding a $20 million ransom.Culprits Bribed Foreign-Based Support StaffAccording to a Bloomberg report, the perpetrators targeted employees and contractors based outside the United States who were part of Coinbase’s business process outsourcing operations.By paying off a small group of insiders, they were able to get sensitive user information. The stolen data included names, birth dates, addresses, government-issued ID numbers, banking details, account balances, and creation dates. This information could be used to impersonate either Coinbase or its customers and potentially access other financial accounts.“It’s a major breach, the amount of personal information shared is staggering,” said Mike Dudas, managing partner at web3 firm 6MV and a victim of the attack.The source claimed that the hackers had access to user data since January, but Coinbase Chief Security Officer Philip Martin disputed this. He explained that once the firm was aware of the information sharing, permission was revoked, hence the culprits did not have constant access throughout the period.However, he acknowledged that there were multiple bribery incidents, with Coinbase first detecting signs of suspicious activity from the support agents months before the May 11 ransom demand. Following this, the implicated agents were immediately quarantined and fired.Details From the BreachThe exchange disclosed the situation to the public in a Thursday announcement. In a blog post, it revealed that less than 1% of monthly transacting users were affected by the incident. The attackers aimed to build a list of customers to impersonate Coinbase and trick users into handing over their crypto assets. When the $20 million ransom demand was rejected, the bad actors increased their extortion attempts.The company clarified that login credentials, private keys, and Prime accounts were not compromised, and no customer wallets were accessed. In response to the breach, Coinbase has said it will reimburse any users who lost money and boost its internal security systems. It also announced plans to open a new U.S.-based customer support hub.In addition, the firm launched a $20 million bounty for information leading to the attackers’ arrest, tagged stolen funds for recovery, and is working with authorities to pursue criminal charges against the involved insiders.The incident adds to a growing list of cyberattacks targeting the industry. A recent report by Immunefi highlighted that crypto projects lost $92.5 million in April 2025 alone across 15 separate attacks. This figure is a 27.3% increase from the $72.6 million lost in April 2024, and more than double the $41.4 million recorded in March 2025.The post Hackers Had Access to Coinbase Customer Data Since January: Report appeared first on CryptoPotato.

-- Price

--

You may also like

Morning News | SK Hynix officially launches the marketing promotion process for its U.S. stock listing; the Central Cyberspace Administration announces the results of the first phase of rectifying AI application chaos, with over 14,000 non-compliant pr...

July 6 Market Important Events Overview

How has Binance's stock business performed in the 30 days since its launch?

Emerging market buying supported the first wave of demand.

Blockchain Capital Partner: AI is rewriting the fundamental unit of labor

The rise of AI is rewriting the basic unit of labor from "positions" and "companies" to "tasks." When programmable labor meets programmable currency, a production line without companies, salary systems, or HR becomes possible for the first time.

Can Open USD support Stripe's ambitions?

Stripe collaborates with multiple parties to launch OUSD, not only challenging the dominance of USDC but also exposing its trillion-dollar ambition to transition from a "payment interface" to a "next-generation funds settlement network."

Founder of Baixing.com: I believe half of the statement that large language models devour everything

The internet has been shouting for so many years about devouring everything. Has it really devoured everything now? Is it the internet that devours everything, or is it the large models that devour everything? Both are devouring, and nothing is left?

A "legal" robbery? Attackers emptied the BonkDAO treasury by buying tickets

Handing over the keys to the vault to a public vote where "anyone can spend money to participate," without sufficient oversight mechanisms, even the most legitimate governance ideals may turn into the most convenient tools for attackers.

Contents

Popular coins

Latest Crypto News

Read more
iconiconiconiconiconiconicon
Customer Support:@weikecs
Business Cooperation:@weikecs
Quant Trading & MM:bd@weex.com
VIP Program:support@weex.com