![]() |
|
![]() |
|
![]() |
|
![]() |
|
![]() |
|
![]() |
|
![]() |
|
![]() |
|
![]() |
|
![]() |
|
![]() |
|
![]() |
|
![]() |
|
![]() |
|
![]() |
|
Cryptocurrency News Articles
Coinbase Is Dealing with the Fallout of a Recent Cyberattack
May 16, 2025 at 11:48 am
The breach impacted a “small subset” of users and included sensitive information such as names, email addresses, phone numbers
Crypto exchange Coinbase is dealing with the fallout of a recent cyberattack that exposed personal data of some of its customers and may cost the company up to $400 million, according to a regulatory filing.
The company said on Thursday that the breach impacted a “small subset” of users and included sensitive information such as names, email addresses, phone numbers, partial Social Security numbers, masked bank account details, and even government-issued IDs. Login credentials and private keys were not accessed, Coinbase assured users.
“Cyber criminals bribed and recruited rogue overseas support agents to pull personal data on <1% of Coinbase MTUs. No passwords, private keys, or funds were exposed. Prime accounts are untouched. We will reimburse impacted customers,” Coinbase wrote on X.
We are disclosing a legal matter that may impact our financials. A third-party contractor pulled personal data on <1% of Coinbase MTUs. No passwords, private keys, or funds were exposed. Prime accounts are untouched. We will reimburse impacted customers. Here's what happened:Earlier this year, we became aware of a threat actor attempting to extort Coinbase and sell personal data of a small subset of our customers. The threat actor, who appears to be based in Eastern Europe, threatened to release the data unless we paid a ransom of $20 million in Bitcoin by May 10. They also claimed to have internal documents, such as presentations and meeting notes.We learned that the threat actor had managed to bribe several third-party contractors and support staff outside of the United States to gain access to internal data. Those involved have been identified and terminated.
The threat actor appears to have pulled the personal data of <1% of Coinbase users. This information includes names, email addresses, phone numbers, partial Social Security numbers, masked bank account details, and government-issued ID types. However, login credentials and private keys were not accessed. In addition, the threat actor does not appear to have accessed any prime accounts or any other internal data.
We are deeply sorry that this incident occurred. We take the security and privacy of our customers’ data extremely seriously. We are working diligently to mitigate any potential impact on our customers and to take steps to prevent such incidents from happening in the future.
Coinbase is a leading cryptocurrency exchange that provides a platform for buying, selling, and trading digital currencies. The company is publicly traded on the Nasdaq Stock Exchange. It is also subject to regulation by the U.S. Securities and Exchange Commission (SEC) and other agencies.The company said it expects a financial impact ranging between $180 million and $400 million as a result of the attack. Its stock dropped by over 6.5 per cent following the news.
Separately, the US Securities and Exchange Commission (SEC) is looking into whether Coinbase previously provided inaccurate information about its user statistics. According to Reuters, the regulator is reviewing the company’s previously reported “verified user” numbers, which could raise concerns about its customer verification practices.
However, Coinbase has denied any ongoing probe related to know-your-customer (KYC) or Bank Secrecy Act compliance. Chief Legal Officer Paul Grewal reportedly said that the investigation is a “hold-over” from the previous administration.
“This is a hold-over investigation from the prior administration about a metric we stopped reporting two and a half years ago, which was fully disclosed to the public,” Grewal said. “While we strongly believe that this investigation should not continue, we remain committed to working with the SEC to bring this matter to a close.”
The SEC’s interest reportedly continues despite the agency dropping an earlier lawsuit that accused Coinbase of operating without proper registration.
Disclaimer:info@kdj.com
The information provided is not trading advice. kdj.com does not assume any responsibility for any investments made based on the information provided in this article. Cryptocurrencies are highly volatile and it is highly recommended that you invest with caution after thorough research!
If you believe that the content used on this website infringes your copyright, please contact us immediately (info@kdj.com) and we will delete it promptly.
-
- The Ethereum Pectra upgrade introduced a significant upgrade in account abstraction accessibility, with multiple wallets already implementing the change.
- Jun 07, 2025 at 04:30 am
- Pectra introduced Ethereum Improvement Proposal (EIP) 7702, a change that Ivo Georgiev, founder and CEO of self-custodial smart wallet Ambire, described as “the single greatest UX upgrade to Ethereum so far.”
-
-
-
-
-
-
-
-