
The latest crypto data breach highlights a simple truth: hackers target humans

2025/05/23 06:03

This "Coinbase security incident" hit just as the exchange was preparing to join the S&P 500, but it stemmed from bribery and social engineering

The latest crypto data breach serves as a stark reminder that hackers often target humans, not just software. In May 2025, fewer than 1% of Coinbase users had their personal data exposed through bribery and social engineering, rather than through a flaw in the exchange's technology.

This incident hit right as Coinbase was preparing to join the S&P 500. While no login passwords, two-factor codes or private keys were leaked, the fallout is nonetheless massive, with Coinbase now expecting $180–$400 million in costs for remediation and reimbursements.

Coinbase's breach began quietly in late 2024. According to a regulatory filing, criminal hackers bribed Coinbase's overseas customer-support contractors to siphon customer information, starting around December 26, 2024.

The fraud went unnoticed until May 11, 2025, when Coinbase's security team spotted suspicious activity – the same day the attackers emailed a $20 million ransom demand. Coinbase refused and disclosed the incident on May 15.

In total, about 69,461 customer accounts were impacted. The stolen data was personal, not technical. Attackers obtained names, postal addresses, phone numbers, and emails for these customers, plus masked identifiers: the last four digits of Social Security numbers, partial bank-account info, images of drivers’ licenses or passports, and snapshots of account balances and transaction history.

Critically, no login passwords, two-factor codes or private keys were leaked – the thieves could not directly access funds or cryptocurrency wallets.

Coinbase maintained that no customer funds or password data were touched. The stolen information was valuable mainly for social engineering – impersonating Coinbase in order to trick users into sending crypto to the scammers.

This attack was classic crypto social engineering. Rather than hacking a server, criminals preyed on trust. They targeted a “few bad apples” among Coinbase’s support staff with cash bribes.

These insiders had access to customer data and were paid to copy it. With that data, the criminals planned to pose as Coinbase support and contact victims.

Social engineering tactics like smishing (phishing via SMS) and vishing (voice phishing) are growing in crypto. For example, security firm KnowBe4 described a Coinbase incident in which an employee first received a malicious text asking them to log into a work account; moments later, a caller pretending to be IT support urged the employee to grant access to their workstation.

The employee grew suspicious and reported the attempt, preventing a deeper breach. “No funds were taken and no customer information was accessed… but some limited contact information for our employees was taken,” Coinbase noted after that attack.

In Coinbase’s May breach, the combination of inside help and scam tactics bypassed the company’s technical barriers. The hackers did not need to break passwords or crack two-factor codes. They simply leveraged the trust placed in human agents to extract data.

As Coinbase’s CEO Brian Armstrong put it, attackers simply “found a few bad apples” and socially engineered their way into private data.

The fallout was swift. Shares of Coinbase slid as the breach hit headlines, but more importantly, the company acted immediately to protect customers.

In compliance with data laws, Coinbase began mailing breach notification letters to affected customers and offered them a year of credit monitoring and identity-theft insurance.

Financially, Coinbase warned the incident would be costly – on the order of $180–$400 million in total. This includes forensic costs, customer reimbursements for any social-engineering losses, and regulatory fines.

The attackers’ $20M ransom demand was rebuffed. Instead, Coinbase created a $20M reward fund for tips leading to the hackers’ capture. The company also fired the support agents involved and said it will press charges.

To prevent future incidents, Coinbase beefed up security. Impacted accounts are being flagged with extra checks and scam-alert prompts.

On May 15, Coinbase announced it would reimburse any customer tricked into sending crypto to the attackers. It is opening a new U.S.-based support center and enforcing stronger access controls in overseas offices. The exchange is also investing in better insider-threat monitoring and more employee training on spotting scams.

The Coinbase security incident drives home a broader point: human error remains crypto’s weakest link. Technical defenses can be state-of-the-art, but a single compromised staffer can hand attackers the keys to the kingdom.

Industry surveys back this up. One IBM/Ponemon study found nearly half of all breaches involve human mistakes or insider actions. And as KnowBe4 bluntly puts it, “anyone can fall victim to a social engineering attack” – including cryptocurrency professionals.

For crypto investors, the takeaway is vigilance. Always treat unsolicited calls, texts, or emails with skepticism, even if they reference your account.

Verify any Coinbase communications through official
