Coinbase Global，Inc。遭受重大網絡安全事件

Coinbase Global，Inc。是世界上最大的加密貨幣交易所之一，以8-K表格披露了一次重大網絡安全事件

Coinbase Global (NASDAQ:COIN) disclosed a major cybersecurity incident in a Form 8-K filing with the SEC on May 14. The incident, which involved the unauthorized access of sensitive customer information and internal company documentation by an unknown threat actor, is estimated to result in remediation costs of $180 million to $400 million.

Coinbase Global（NASDAQ：COIN）於5月14日向SEC提交的8-K申請表格披露了一次重大網絡安全事件。該事件涉及未經授權訪問敏感客戶信息和不知名的威脅參與者內部公司文檔的事件，估計會導致補救成本為1.8億美元至4億美元。

The company, one of the world’s largest crypto exchanges, discovered the breach on May 11 when a subsidiary, Coinbase, Inc., received an email from the threat actor. The email claimed that the actor had collected data from multiple contractors or employees in support roles outside the U.S., who were paid by the threat actor to cooperate.

該公司是世界上最大的加密貨幣交易所之一，於5月11日發現了違規行為，當時子公司Coinbase，Inc。收到了威脅性演員的電子郵件。該電子郵件聲稱，這位演員已從多個承包商或員工收集了美國以外的支持角色的數據，這些角色是由威脅演員付款的。

These employees, who had access to internal Coinbase systems for their assigned job functions, collected customer account details and internal documentation, such as materials related to customer-service and account-management systems. Coinbase’s own security monitoring systems had independently detected instances of unauthorized data access by these personnel in the months leading up to the email.

這些員工可以訪問其分配的工作職能的內部Coinbase系統，並收集了客戶帳戶詳細信息和內部文檔，例如與客戶服務和帳戶管理系統有關的材料。 Coinbase自己的安全監控系統在電子郵件前的幾個月中獨立檢測了這些人員未經授權的數據訪問的實例。

Upon discovery, Coinbase terminated the involved parties, implemented enhanced fraud-monitoring protections, and warned affected customers to prevent misuse of their data. However, the May 11 email revealed that these prior incidents were part of a coordinated campaign, which Coinbase now refers to as the “Incident.”

發現後，Coinbase終止了相關方，實施了增強的欺詐監控保護，並警告受影響的客戶防止濫用數據。但是，5月11日的電子郵件顯示，這些先前的事件是協調活動的一部分，該活動現在稱為“事件”。

The threat actor is demanding a ransom to refrain from publicly disclosing the stolen data. Coinbase has refused to pay and is cooperating with law enforcement to investigate the breach.

威脅行為者要求贖金避免公開披露被盜數據。 Coinbase拒絕付款，並正在與執法部門合作以調查違規行為。

While the breach did not involve the compromise of customer passwords, private keys, or access to funds, the scope of the stolen data is concerning. According to Coinbase, the exposed information includes:

儘管違規行為不涉及客戶密碼，私鑰或訪問資金的妥協，但被盜數據的範圍是有關的。根據Coinbase的說法，暴露的信息包括：

* Email addresses and phone numbers of certain Coinbase customers

*某些Coinbase客戶的電子郵件地址和電話號碼

* Names of some Coinbase customers

*某些共同客戶的名稱

* A limited subset of customer service inquiries

*有限的客戶服務查詢子集

* Internal company documentation, such as organizational charts and articles from Coinbase’s internal company blog

*內部公司文檔，例如Coinbase的內部公司博客的組織圖表和文章

* Some U.S. payroll data for a portion of Coinbase’s contractors and employees in support roles

*一些美國承包商和員工的一部分美國薪資數據

Coinbase highlighted that the incident did not affect the security of customer funds, as the involved contractors and employees lacked access to financial systems. However, the exposed data could be used for social-engineering attacks, such as phishing or identity theft, prompting the company to bolster its anti-fraud measures.

Coinbase強調，由於所涉承包商和員工無法使用金融系統，因此事件並不影響客戶資金的安全。但是，暴露的數據可用於社會工程攻擊，例如網絡釣魚或身份盜用，促使該公司加強其反欺詐措施。

Coinbase has yet to determine the full financial impact of the breach, but preliminary estimates suggest remediation costs and voluntary customer reimbursements could range between $180 million and $400 million. This figure accounts for expenses related to mitigating the breach, enhancing security protocols, and compensating eligible retail customers who may have sent funds to the threat actor as a direct result of the incident.

Coinbase尚未確定違規行為的全部財務影響，但是初步估計表明，補救成本和自願客戶報銷可能在1.8億至4億美元之間。該數字說明了與減輕違規行為，增強安全協議以及補償合格零售客戶有關的費用，這些零售客戶可能已將資金寄給威脅參與者，這是事件的直接結果。

The company is still reviewing potential losses, indemnification claims, and possible recoveries, which could significantly alter this estimate.

該公司仍在審查潛在損失，賠償索賠和可能的追回，這可能會大大改變這一估計。

Operationally, Coinbase reports no material disruptions as of May 14. However, the breach has prompted the company to take proactive steps to strengthen its defenses. These include opening a new support hub in the United States and implementing additional measures to prevent similar incidents in the future.

在操作上，Coinbase報告截至5月14日，沒有任何重大干擾。但是，違規行為促使該公司採取積極的步驟來加強其防禦能力。其中包括在美國開設一個新的支持中心，並採取其他措施以防止將來發生類似事件。

Coinbase’s refusal to pay the ransom aligns with growing industry and law enforcement recommendations to avoid incentivizing cybercriminals. The company’s cooperation with authorities signals a commitment to pursuing legal remedies and holding those responsible accountable. Additionally, Coinbase’s decision to voluntarily reimburse affected customers demonstrates an effort to maintain trust in a highly competitive market.

Coinbase拒絕支付贖金與不斷發展的行業和執法建議，以避免激勵網絡犯罪分子。該公司與當局的合作表示承諾尋求法律補救措施，並使那些負責任的人承擔責任。此外，Coinbase自願償還受影響客戶的決定表明，努力保持對競爭激烈的市場的信任。

The breach highlights the vulnerabilities inherent in the cryptocurrency sector, where centralized platforms like Coinbase hold vast amounts of sensitive user data. Unlike decentralized blockchain networks, which are inherently resistant to certain types of attacks, centralized exchanges remain prime targets for cybercriminals. The incident may fuel calls for stricter cybersecurity regulations in the crypto industry, particularly as institutional adoption of digital assets grows.

漏洞突出了加密貨幣部門固有的漏洞，其中集中式平台（例如Coinbase）擁有大量敏感用戶數據。與分散的區塊鍊網絡固有抵抗某些類型的攻擊不同，集中式交流仍然是網絡犯罪分子的主要目標。該事件可能會在加密行業製定更嚴格的網絡安全法規，尤其是隨著機構採用數字資產的增長。

In its SEC filing, Coinbase acknowledged several risks that could affect its response to the breach. The ongoing investigation may uncover additional compromised data or unforeseen financial liabilities. Legal and reputational risks also loom large, as affected customers may pursue claims against the company. Furthermore, the potential for additional cybersecurity incidents could exacerbate Coinbase’s challenges.

在SEC申請中，Coinbase承認幾種可能影響其對違規行為的反應的風險。正在進行的調查可能會發現其他損害數據或不可預見的金融負債。法律和聲譽風險也迫在眉睫，因為受影響的客戶可能會對公司提出索賠。此外，發生其他網絡安全事件的潛力可能會加劇Coinbase的挑戰。

The company referenced its Annual Report on Form 10-K for 2024 and subsequent quarterly reports, which detail broader risks facing the business, including regulatory scrutiny and market volatility. These factors, combined with the breach, could test Coinbase’s resilience in the coming months.

該公司提到了其2024年表格10-K的年度報告以及隨後的季度報告，其中詳細介紹了該業務面臨的更廣泛風險，包括監管審查和市場波動。這些因素以及違規的因素可以在未來幾個月內測試Coinbase的彈性。