Coinbase breach hit almost 70k users — Attorneys

Coinbase’s Data Breach: A Six-Month Delay and $400 Million in Losses

A recently filed document with Maine’s attorney general reveals a significant data breach at Coinbase, impacting nearly 69,500 users and remaining undetected for almost six months. The breach, discovered on May 11, 2025, occurred on December 26, 2024, affecting 217 Maine residents among the total compromised users. This delay in discovery has resulted in a wave of lawsuits against Coinbase, with clients alleging insufficient and untimely notification of the security incident.

The breach cost Coinbase an estimated $400 million, encompassing losses from social engineering scams and remediation expenses. The company confirmed that the attackers employed social engineering tactics, convincing customer service representatives to divulge limited user information, including names, contact details, and addresses. A subsequent ransom demand of $20 million was rejected by Coinbase. While Coinbase terminated the implicated contractors and promised remediation or reimbursement to affected clients, its stock price dropped by 7% following the news.

The breach raises serious concerns about the security of Know Your Customer (KYC) data and highlights the growing cybersecurity threats facing the cryptocurrency industry. The leaked data included information on Roelof Botha, a Sequoia Capital partner, suggesting a wider impact beyond individual Coinbase users. The incident has prompted investigations, including a probe initiated by the United States Department of Justice (DOJ), although updates on the investigation and the extortion attempt remain pending as of May 21.

Experts warn that such data breaches pose severe risks to cryptocurrency investors’ physical safety, making them vulnerable to extortion, kidnapping, and armed robbery. The scale of the breach and the substantial financial and reputational damage underscore the critical need for enhanced security measures within the cryptocurrency exchange landscape. The long delay in detection further emphasizes the importance of robust internal security protocols and proactive threat monitoring.

Leave a Reply

Your email address will not be published. Required fields are marked *