Coinbase Global，Inc。遭受重大网络安全事件

Coinbase Global，Inc。是世界上最大的加密货币交易所之一，以8-K表格披露了一次重大网络安全事件

Coinbase Global (NASDAQ:COIN) disclosed a major cybersecurity incident in a Form 8-K filing with the SEC on May 14. The incident, which involved the unauthorized access of sensitive customer information and internal company documentation by an unknown threat actor, is estimated to result in remediation costs of $180 million to $400 million.

Coinbase Global（NASDAQ：COIN）于5月14日向SEC提交的8-K申请表格披露了一次重大网络安全事件。该事件涉及未经授权访问敏感客户信息和不知名的威胁参与者内部公司文档的事件，估计会导致补救成本为1.8亿美元至4亿美元。

The company, one of the world’s largest crypto exchanges, discovered the breach on May 11 when a subsidiary, Coinbase, Inc., received an email from the threat actor. The email claimed that the actor had collected data from multiple contractors or employees in support roles outside the U.S., who were paid by the threat actor to cooperate.

该公司是世界上最大的加密货币交易所之一，于5月11日发现了违规行为，当时子公司Coinbase，Inc。收到了威胁性演员的电子邮件。该电子邮件声称，这位演员已从多个承包商或员工收集了美国以外的支持角色的数据，这些角色是由威胁演员付款的。

These employees, who had access to internal Coinbase systems for their assigned job functions, collected customer account details and internal documentation, such as materials related to customer-service and account-management systems. Coinbase’s own security monitoring systems had independently detected instances of unauthorized data access by these personnel in the months leading up to the email.

这些员工可以访问其分配的工作职能的内部Coinbase系统，并收集了客户帐户详细信息和内部文档，例如与客户服务和帐户管理系统有关的材料。 Coinbase自己的安全监控系统在电子邮件前的几个月中独立检测了这些人员未经授权的数据访问的实例。

Upon discovery, Coinbase terminated the involved parties, implemented enhanced fraud-monitoring protections, and warned affected customers to prevent misuse of their data. However, the May 11 email revealed that these prior incidents were part of a coordinated campaign, which Coinbase now refers to as the “Incident.”

发现后，Coinbase终止了相关方，实施了增强的欺诈监控保护，并警告受影响的客户防止滥用数据。但是，5月11日的电子邮件显示，这些先前的事件是协调活动的一部分，该活动现在称为“事件”。

The threat actor is demanding a ransom to refrain from publicly disclosing the stolen data. Coinbase has refused to pay and is cooperating with law enforcement to investigate the breach.

威胁行为者要求赎金避免公开披露被盗数据。 Coinbase拒绝付款，并正在与执法部门合作以调查违规行为。

While the breach did not involve the compromise of customer passwords, private keys, or access to funds, the scope of the stolen data is concerning. According to Coinbase, the exposed information includes:

尽管违规行为不涉及客户密码，私钥或访问资金的妥协，但被盗数据的范围是有关的。根据Coinbase的说法，暴露的信息包括：

* Email addresses and phone numbers of certain Coinbase customers

*某些Coinbase客户的电子邮件地址和电话号码

* Names of some Coinbase customers

*某些共同客户的名称

* A limited subset of customer service inquiries

*有限的客户服务查询子集

* Internal company documentation, such as organizational charts and articles from Coinbase’s internal company blog

*内部公司文档，例如Coinbase的内部公司博客的组织图表和文章

* Some U.S. payroll data for a portion of Coinbase’s contractors and employees in support roles

*一些美国承包商和员工的一部分美国薪资数据

Coinbase highlighted that the incident did not affect the security of customer funds, as the involved contractors and employees lacked access to financial systems. However, the exposed data could be used for social-engineering attacks, such as phishing or identity theft, prompting the company to bolster its anti-fraud measures.

Coinbase强调，由于所涉承包商和员工无法使用金融系统，因此事件并不影响客户资金的安全。但是，暴露的数据可用于社会工程攻击，例如网络钓鱼或身份盗用，促使该公司加强其反欺诈措施。

Coinbase has yet to determine the full financial impact of the breach, but preliminary estimates suggest remediation costs and voluntary customer reimbursements could range between $180 million and $400 million. This figure accounts for expenses related to mitigating the breach, enhancing security protocols, and compensating eligible retail customers who may have sent funds to the threat actor as a direct result of the incident.

Coinbase尚未确定违规行为的全部财务影响，但是初步估计表明，补救成本和自愿客户报销可能在1.8亿至4亿美元之间。该数字说明了与减轻违规行为，增强安全协议以及补偿合格零售客户有关的费用，这些零售客户可能已将资金寄给威胁参与者，这是事件的直接结果。

The company is still reviewing potential losses, indemnification claims, and possible recoveries, which could significantly alter this estimate.

该公司仍在审查潜在损失，赔偿索赔和可能的追回，这可能会大大改变这一估计。

Operationally, Coinbase reports no material disruptions as of May 14. However, the breach has prompted the company to take proactive steps to strengthen its defenses. These include opening a new support hub in the United States and implementing additional measures to prevent similar incidents in the future.

在操作上，Coinbase报告截至5月14日，没有任何重大干扰。但是，违规行为促使该公司采取积极的步骤来加强其防御能力。其中包括在美国开设一个新的支持中心，并采取其他措施以防止将来发生类似事件。

Coinbase’s refusal to pay the ransom aligns with growing industry and law enforcement recommendations to avoid incentivizing cybercriminals. The company’s cooperation with authorities signals a commitment to pursuing legal remedies and holding those responsible accountable. Additionally, Coinbase’s decision to voluntarily reimburse affected customers demonstrates an effort to maintain trust in a highly competitive market.

Coinbase拒绝支付赎金与不断发展的行业和执法建议，以避免激励网络犯罪分子。该公司与当局的合作表示承诺寻求法律补救措施，并使那些负责任的人承担责任。此外，Coinbase自愿偿还受影响客户的决定表明，努力保持对竞争激烈的市场的信任。

The breach highlights the vulnerabilities inherent in the cryptocurrency sector, where centralized platforms like Coinbase hold vast amounts of sensitive user data. Unlike decentralized blockchain networks, which are inherently resistant to certain types of attacks, centralized exchanges remain prime targets for cybercriminals. The incident may fuel calls for stricter cybersecurity regulations in the crypto industry, particularly as institutional adoption of digital assets grows.

漏洞突出了加密货币部门固有的漏洞，其中集中式平台（例如Coinbase）拥有大量敏感用户数据。与分散的区块链网络固有抵抗某些类型的攻击不同，集中式交流仍然是网络犯罪分子的主要目标。该事件可能会在加密行业制定更严格的网络安全法规，尤其是随着机构采用数字资产的增长。

In its SEC filing, Coinbase acknowledged several risks that could affect its response to the breach. The ongoing investigation may uncover additional compromised data or unforeseen financial liabilities. Legal and reputational risks also loom large, as affected customers may pursue claims against the company. Furthermore, the potential for additional cybersecurity incidents could exacerbate Coinbase’s challenges.

在SEC申请中，Coinbase承认几种可能影响其对违规行为的反应的风险。正在进行的调查可能会发现其他损害数据或不可预见的金融负债。法律和声誉风险也迫在眉睫，因为受影响的客户可能会对公司提出索赔。此外，发生其他网络安全事件的潜力可能会加剧Coinbase的挑战。

The company referenced its Annual Report on Form 10-K for 2024 and subsequent quarterly reports, which detail broader risks facing the business, including regulatory scrutiny and market volatility. These factors, combined with the breach, could test Coinbase’s resilience in the coming months.

该公司提到了其2024年表格10-K的年度报告以及随后的季度报告，其中详细介绍了该业务面临的更广泛风险，包括监管审查和市场波动。这些因素以及违规的因素可以在未来几个月内测试Coinbase的弹性。