Coinbase中的内部人员泄漏了用户数据，导致了重大网络安全事件并在本月初暴露了关键的用户数据。

2025年5月11日，该公司收到了一位未知威胁行为者的赎金要求，他们声称拥有有关Coinbase客户帐户和内部Coinbase文件的信息

A report by CyberNews has provided further details concerning a recent cybersecurity incident at Coinbase, revealing that an unknown threat actor had threatened to release data on the company's customer accounts and internal documents.

Cyber​​news的一份报告提供了有关Coinbase最近发生的网络安全事件的进一步详细信息，该报告表明，一位未知的威胁演员威胁要发布有关公司客户帐户和内部文件的数据。

On May 11, the company received an email from aบุรุษม پیامرسان threatening to disclose information about Coinbase customer accounts and internal documents, including materials related to customer service and account management systems.

5月11日，该公司收到了来自บุรุษมپیپیپیپی援者的电子邮件，威胁要披露有关Coinbase客户帐户和内部文档的信息，包括与客户服务和帐户管理系统有关的材料。

The company stated that the actors claimed to have data on "less than 1% of the Coinbase monthly transacting users."

该公司表示，演员们声称拥有“不到1％的共同订阅每月交易用户”的数据。

While the exact number of affected users wasn't mentioned, it's worth noting that the publicly traded company, which operates the largest U.S.-based cryptocurrency exchange, has over 100 million users.

尽管未提及受影响的用户的确切数量，但值得注意的是，经营美国最大的加密货币交易所的公开交易公司拥有超过1亿用户。

The stolen data includes name, address, phone number, email address, Social Security number (last four digits), masked bank account numbers (and some identifiers), and government ID images (driver’s licenses and passports). It also includes account data, such as balance snapshots and transaction history.

被盗的数据包括名称，地址，电话号码，电子邮件地址，社会保险号（最后四位数），蒙版的银行帐号（以及某些标识符）以及政府ID图像（驾驶执照和护照）。它还包括帐户数据，例如余额快照和交易历史记录。

Moreover, some corporate data was taken, which includes training material and communications available to support agents. However, no passwords or private keys were included.

此外，获取了一些公司数据，其中包括可用于支持代理商的培训材料和通信。但是，不包括密码或私钥。

The ongoing internal Coinbase investigation has found that this ransomware incident was part of a single campaign, and that the ransomware email is credible. However, Coinbase will not be paying the ransom. The company will be cooperating with law enforcement.

正在进行的内部Coinbase调查发现，这一勒索软件事件是单个广告系列的一部分，勒索软件电子邮件是可信的。但是，Coinbase不会支付赎金。该公司将与执法部门合作。

Coinbase's ongoing internal investigation has found that the source of the breach is cybercriminals who bribed and recruited employees in support roles or contractors outside of the U.S. who had access to internal systems.

Coinbase正在进行的内部调查发现，违规的根源是网络犯罪分子，他们贿赂和招募了雇员，担任美国以外的支持角色或承包商，他们可以使用内部系统。

Coinbase has found instances of personnel accessing data without a legitimate business need in previous months through their independent monitoring systems.

Coinbase发现了前几个月通过其独立监控系统在没有合法业务需求的情况下访问数据的实例。

Coinbase responded by terminating the involved employees and contractors, and by rolling out heightened fraud-monitoring protections. A new support hub will be opening in the U.S., and the company will be taking measures to increase defenses and safeguards, including requiring extra ID checks on large withdrawals and mandatory scam awareness prompts for flagged accounts.

Coinbase通过终止参与的雇员和承包商的回应，并推出更高的欺诈监控保护。美国将在美国开放一个新的支持中心，该公司将采取措施增加防御和保障措施，包括需要进行大型提款和强制性骗局意识提示提示标记帐户的额外ID检查。

Coinbase has warned users that they may experience some delays as high risk transactions are monitored. They’ve also contacted customers who may have had their information compromised.

Coinbase警告用户，由于监控高风险交易，他们可能会遇到一些延迟。他们还联系了可能遭到损害信息的客户。

Instead of paying the $20 million ransom demand, Coinbase has created a $20 million reward fund as a bounty, offering it to whomever can provide information that leads to the arrest and conviction of the criminals responsible for the attack.

Coinbase并没有支付2000万美元的赎金需求，而是创建了一个耗资2000万美元的奖励基金作为赏金，将其提供给可以提供信息的人，从而导致逮捕和定罪负责袭击的罪犯。

The company estimates the remediation could cost it between $180 million and $400 million, and it plans to voluntarily reimburse affected customers who directly lost funds to the hackers as a result of this incident.

该公司估计，补救措施可能使其耗资1.8亿至4亿美元，并计划自愿偿还影响的客户，这些客户由于这一事件而直接损失了资金。

How to stay safe after the breach

违规后如何保持安全

Coinbase warns its users they will likely experience an influx of imposters and scammers, perhaps related to this breach and perhaps not. They remind users that they will never ask for your password, 2FA codes or ask that you transfer your assets to a specific or new address, account, vault or wallet.

Coinbase警告其用户，他们可能会经历大量冒名顶替者和骗子的涌入，这可能与这种违规有关，也许不是有关。他们提醒用户，他们永远不会询问您的密码，2FA代码，或者要求您将资产转移到特定或新地址，帐户，金库或钱包。

Additionally, Coinbase will never call or text you to give you a new seed phrase or wallet address to move your funds to. If you receive a call like this, you are encouraged to hang up the phone immediately. Coinbase will never ask you to contact an unknown number to reach them.

此外，Coinbase永远不会给您打电话或发短信给您一个新的种子短语或钱包地址，以将资金移至。如果您收到这样的电话，则鼓励您立即挂断电话。 Coinbase永远不会要求您与未知数联系以联系。

The usual rules of phishing also apply here: Never click on any unexpecting links, attachments or QR codes that are sent to you in any manner. If you receive something that appears to be from someone you do know, confirm it with them in an independent manner.

网络钓鱼的通常规则也适用：切勿单击以任何方式发送给您的任何不指望的链接，附件或QR码。如果您收到的东西似乎是您认识的人，请独立地与他们确认。

When going online, make sure you have one of the best antivirus software programs installed and up to date – these programs have VPNs, password managers and safe browsers as well as other features that can help provide you with an added layer of security.

上网时，请确保已安装并最新的最好的防病毒软件程序之一 - 这些程序具有VPN，密码管理器和安全浏览器以及其他功能，可以帮助您提供附加的安全层。