Coinbase Discloses Data Breach Affecting Less Than 1% of Users

Coinbase, the largest U.S. cryptocurrency exchange, disclosed a significant data breach in May 2025, affecting less than 1% of its users.

Coinbase, the largest U.S. cryptocurrency exchange, has disclosed a significant data breach affecting less than 1% of its users, hackers bribed overseas support agents to steal personal data.

What Happened: On May 15, hackers breached the security protocols of Coinbase (NASDAQ:COIN), reportedly bribing and recruiting rogue overseas support agents and contractors, who leaked sensitive information.

The compromised data includes names, phone numbers, addresses, government IDs, partial Social Security numbers, and account details. However, no passwords, private keys, or funds were compromised, and the exchange’s Prime accounts remained untouched.

A small subset of Coinbase’s monthly transacting users (MTUs) had personal data stolen, estimated at less than 1%, which translates to approximately 97,000 customers, considering the company’s 9.7 million MTUs reported in its March annual report.

The hackers demanded a $20 million ransom to refrain from publicly releasing the stolen data, a request that Coinbase refused. In response, the exchange is terminating the involved staff, plans to press criminal charges, and has established a $20 million reward fund for information leading to the perpetrators’ arrest and conviction.

Coinbase estimates the financial impact of the breach, including customer reimbursements and recovery efforts, could range from $180 million to $400 million.

Coinbase’s Security Record

This incident adds to a series of security challenges encountered by Coinbase throughout the years.

In 2021, hackers exploited a flaw in SMS-based two-factor authentication (2FA) through phishing scams, affecting over 6,000 users. The hackers gained access to user credentials and stole crypto assets.

In 2023, the Octopus hacker group attempted to breach Coinbase’s systems but failed. The group is known for spear phishing attacks on employees of cryptocurrency firms.

Despite robust security measures – such as storing 98% of assets in offline cold storage, AES-256 encryption, and insurance for hot wallets – Coinbase has struggled with technical issues like server crashes during high-traffic periods and account recovery vulnerabilities. These incidents fuel user skepticism, with some reporting difficulties obtaining timely support.

Coinbase’s security practices have come under scrutiny, particularly in the wake of a $15 million rug pull scam that defrauded users of the Base blockchain project, a subsidiary of Coinbase. The scammers created a fake version of the Base website and stole user funds.

Coinbase is also facing a lawsuit from a group of Coinbase users who are seeking class action status over the alleged mishandling of a phishing attack that affected a large number of users in 2022. The hackers reportedly stole over $370 million in crypto assets from user accounts.

Coinbase has been a target of cybercriminals due to its status as a leading cryptocurrency exchange. The company is constantly investing in new security technologies and procedures to protect its users and assets from cyber threats.