Coinbase中的內部人員洩漏了用戶數據，導致了重大網絡安全事件並在本月初暴露了關鍵的用戶數據。

2025年5月11日，該公司收到了一位未知威脅行為者的贖金要求，他們聲稱擁有有關Coinbase客戶帳戶和內部Coinbase文件的信息

A report by CyberNews has provided further details concerning a recent cybersecurity incident at Coinbase, revealing that an unknown threat actor had threatened to release data on the company's customer accounts and internal documents.

Cyber​​news的一份報告提供了有關Coinbase最近發生的網絡安全事件的進一步詳細信息，該報告表明，一位未知的威脅演員威脅要發布有關公司客戶帳戶和內部文件的數據。

On May 11, the company received an email from aบุรุษม پیامرسان threatening to disclose information about Coinbase customer accounts and internal documents, including materials related to customer service and account management systems.

5月11日，該公司收到了來自บุรุษมپیپیپیپی援者的電子郵件，威脅要披露有關Coinbase客戶帳戶和內部文檔的信息，包括與客戶服務和帳戶管理系統有關的材料。

The company stated that the actors claimed to have data on "less than 1% of the Coinbase monthly transacting users."

該公司表示，演員們聲稱擁有“不到1％的共同訂閱每月交易用戶”的數據。

While the exact number of affected users wasn't mentioned, it's worth noting that the publicly traded company, which operates the largest U.S.-based cryptocurrency exchange, has over 100 million users.

儘管未提及受影響的用戶的確切數量，但值得注意的是，經營美國最大的加密貨幣交易所的公開交易公司擁有超過1億用戶。

The stolen data includes name, address, phone number, email address, Social Security number (last four digits), masked bank account numbers (and some identifiers), and government ID images (driver’s licenses and passports). It also includes account data, such as balance snapshots and transaction history.

被盜的數據包括名稱，地址，電話號碼，電子郵件地址，社會保險號（最後四位數），蒙版的銀行帳號（以及某些標識符）以及政府ID圖像（駕駛執照和護照）。它還包括帳戶數據，例如餘額快照和交易歷史記錄。

Moreover, some corporate data was taken, which includes training material and communications available to support agents. However, no passwords or private keys were included.

此外，獲取了一些公司數據，其中包括可用於支持代理商的培訓材料和通信。但是，不包括密碼或私鑰。

The ongoing internal Coinbase investigation has found that this ransomware incident was part of a single campaign, and that the ransomware email is credible. However, Coinbase will not be paying the ransom. The company will be cooperating with law enforcement.

正在進行的內部Coinbase調查發現，這一勒索軟件事件是單個廣告系列的一部分，勒索軟件電子郵件是可信的。但是，Coinbase不會支付贖金。該公司將與執法部門合作。

Coinbase's ongoing internal investigation has found that the source of the breach is cybercriminals who bribed and recruited employees in support roles or contractors outside of the U.S. who had access to internal systems.

Coinbase正在進行的內部調查發現，違規的根源是網絡犯罪分子，他們賄賂和招募了僱員，擔任美國以外的支持角色或承包商，他們可以使用內部系統。

Coinbase has found instances of personnel accessing data without a legitimate business need in previous months through their independent monitoring systems.

Coinbase發現了前幾個月通過其獨立監控系統在沒有合法業務需求的情況下訪問數據的實例。

Coinbase responded by terminating the involved employees and contractors, and by rolling out heightened fraud-monitoring protections. A new support hub will be opening in the U.S., and the company will be taking measures to increase defenses and safeguards, including requiring extra ID checks on large withdrawals and mandatory scam awareness prompts for flagged accounts.

Coinbase通過終止參與的僱員和承包商的回應，並推出更高的欺詐監控保護。美國將在美國開放一個新的支持中心，該公司將採取措施增加防禦和保障措施，包括需要進行大型提款和強制性騙局意識提示提示標記帳戶的額外ID檢查。

Coinbase has warned users that they may experience some delays as high risk transactions are monitored. They’ve also contacted customers who may have had their information compromised.

Coinbase警告用戶，由於監控高風險交易，他們可能會遇到一些延遲。他們還聯繫了可能遭到損害信息的客戶。

Instead of paying the $20 million ransom demand, Coinbase has created a $20 million reward fund as a bounty, offering it to whomever can provide information that leads to the arrest and conviction of the criminals responsible for the attack.

Coinbase並沒有支付2000萬美元的贖金需求，而是創建了一個耗資2000萬美元的獎勵基金作為賞金，將其提供給可以提供信息的人，從而導致逮捕和定罪負責襲擊的罪犯。

The company estimates the remediation could cost it between $180 million and $400 million, and it plans to voluntarily reimburse affected customers who directly lost funds to the hackers as a result of this incident.

該公司估計，補救措施可能使其耗資1.8億至4億美元，併計劃自願償還影響的客戶，這些客戶由於這一事件而直接損失了資金。

How to stay safe after the breach

違規後如何保持安全

Coinbase warns its users they will likely experience an influx of imposters and scammers, perhaps related to this breach and perhaps not. They remind users that they will never ask for your password, 2FA codes or ask that you transfer your assets to a specific or new address, account, vault or wallet.

Coinbase警告其用戶，他們可能會經歷大量冒名頂替者和騙子的湧入，這可能與這種違規有關，也許不是有關。他們提醒用戶，他們永遠不會詢問您的密碼，2FA代碼，或者要求您將資產轉移到特定或新地址，帳戶，金庫或錢包。

Additionally, Coinbase will never call or text you to give you a new seed phrase or wallet address to move your funds to. If you receive a call like this, you are encouraged to hang up the phone immediately. Coinbase will never ask you to contact an unknown number to reach them.

此外，Coinbase永遠不會給您打電話或發短信給您一個新的種子短語或錢包地址，以將資金移至。如果您收到這樣的電話，則鼓勵您立即掛斷電話。 Coinbase永遠不會要求您與未知數聯繫以聯繫。

The usual rules of phishing also apply here: Never click on any unexpecting links, attachments or QR codes that are sent to you in any manner. If you receive something that appears to be from someone you do know, confirm it with them in an independent manner.

網絡釣魚的通常規則也適用：切勿單擊以任何方式發送給您的任何不指望的鏈接，附件或QR碼。如果您收到的東西似乎是您認識的人，請獨立地與他們確認。

When going online, make sure you have one of the best antivirus software programs installed and up to date – these programs have VPNs, password managers and safe browsers as well as other features that can help provide you with an added layer of security.

上網時，請確保已安裝並最新的最好的防病毒軟件程序之一 - 這些程序具有VPN，密碼管理器和安全瀏覽器以及其他功能，可以幫助您提供附加的安全層。