Coinbase披露數據洩露的影響不到1％

美國最大的加密貨幣交易所Coinbase在2025年5月披露了嚴重的數據洩露，影響了其不到1％的用戶。

Coinbase, the largest U.S. cryptocurrency exchange, has disclosed a significant data breach affecting less than 1% of its users, hackers bribed overseas support agents to steal personal data.

Coinbase是美國最大的加密貨幣交易所，已披露了嚴重的數據洩露，影響了不到1％的用戶，黑客賄賂了海外支持代理商以竊取個人數據。

What Happened: On May 15, hackers breached the security protocols of Coinbase (NASDAQ:COIN), reportedly bribing and recruiting rogue overseas support agents and contractors, who leaked sensitive information.

發生的事情是：5月15日，黑客違反了Coinbase（NASDAQ：COIN）的安全協議，據報導賄賂和招募了Rogue Overseas Supperase支持代理商和承包商，他們洩露了敏感信息。

The compromised data includes names, phone numbers, addresses, government IDs, partial Social Security numbers, and account details. However, no passwords, private keys, or funds were compromised, and the exchange’s Prime accounts remained untouched.

折衷的數據包括姓名，電話號碼，地址，政府ID，部分社會安全號碼和帳戶詳細信息。但是，沒有密碼，私鑰或資金受到損害，交易所的主要帳戶仍未受到影響。

A small subset of Coinbase’s monthly transacting users (MTUs) had personal data stolen, estimated at less than 1%, which translates to approximately 97,000 customers, considering the company’s 9.7 million MTUs reported in its March annual report.

考慮到該公司在3月的年度報告中報導，Coinbase每月交易用戶（MTU）的一小部分被盜，估計不到1％，轉化為約97,000個客戶。

The hackers demanded a $20 million ransom to refrain from publicly releasing the stolen data, a request that Coinbase refused. In response, the exchange is terminating the involved staff, plans to press criminal charges, and has established a $20 million reward fund for information leading to the perpetrators’ arrest and conviction.

黑客要求耗資2000萬美元的贖金，以避免公開釋放被盜的數據，這是Coinbase拒絕的請求。作為回應，交易所正在終止參與人員，計劃向刑事指控申請，並為導致肇事者被捕和定罪的信息建立了2000萬美元的獎勵基金。

Coinbase estimates the financial impact of the breach, including customer reimbursements and recovery efforts, could range from $180 million to $400 million.

Coinbase估計，包括客戶報銷和恢復工作在內的違規行為的財務影響可能從1.8億美元到4億美元不等。

Coinbase’s Security Record

Coinbase的安全記錄

This incident adds to a series of security challenges encountered by Coinbase throughout the years.

多年來，這一事件增加了Coinbase遇到的一系列安全挑戰。

In 2021, hackers exploited a flaw in SMS-based two-factor authentication (2FA) through phishing scams, affecting over 6,000 users. The hackers gained access to user credentials and stole crypto assets.

2021年，黑客通過網絡釣魚騙局利用了基於SMS的兩因素身份驗證（2FA）中的缺陷，影響了6,000多名用戶。黑客獲得了對用戶憑據和偷走加密資產的訪問權限。

In 2023, the Octopus hacker group attempted to breach Coinbase’s systems but failed. The group is known for spear phishing attacks on employees of cryptocurrency firms.

2023年，章魚黑客集團試圖違反Coinbase的系統，但失敗了。該小組以對加密貨幣公司員工的矛網釣魚攻擊而聞名。

Despite robust security measures – such as storing 98% of assets in offline cold storage, AES-256 encryption, and insurance for hot wallets – Coinbase has struggled with technical issues like server crashes during high-traffic periods and account recovery vulnerabilities. These incidents fuel user skepticism, with some reporting difficulties obtaining timely support.

儘管採取了強大的安全措施，例如將98％的資產存儲在離線冷藏庫中，AES-256加密和熱錢包的保險 - Coinbase仍在努力處理技術問題，例如在高流量期間服務器崩潰和帳戶恢復漏洞。這些事件助長了用戶的懷疑，一些報告困難獲得了及時的支持。

Coinbase’s security practices have come under scrutiny, particularly in the wake of a $15 million rug pull scam that defrauded users of the Base blockchain project, a subsidiary of Coinbase. The scammers created a fake version of the Base website and stole user funds.

Coinbase的安全慣例受到了審查，特別是在一個耗資1500萬美元的地毯拉騙局之後，欺騙了Coinbase的子公司基本區塊鏈項目的用戶。騙子創建了基本網站的假版，並偷走了用戶資金。

Coinbase is also facing a lawsuit from a group of Coinbase users who are seeking class action status over the alleged mishandling of a phishing attack that affected a large number of users in 2022. The hackers reportedly stole over $370 million in crypto assets from user accounts.

Coinbase還面臨著一群Coinbase用戶的訴訟，他們正在尋求集體訴訟狀況，因為所謂的網絡釣魚攻擊不當，該攻擊影響了2022年的大量用戶。據報導，黑客從用戶帳戶中偷走了超過3.7億美元的加密資產。

Coinbase has been a target of cybercriminals due to its status as a leading cryptocurrency exchange. The company is constantly investing in new security technologies and procedures to protect its users and assets from cyber threats.

由於其作為領先的加密貨幣交換的地位，Coinbase一直是網絡犯罪分子的目標。該公司不斷投資新的安全技術和程序，以保護其用戶和資產免受網絡威脅。