Crypto exchange giant Coinbase has confirmed that at least 69,461 customers were affected by a months-long data breach, exposing sensitive personal and financial information.
The disclosure came through a filing with Maine’s attorney general on Wednesday, as required by the state’s data breach notification law.
According to Coinbase, the breach began on December 26, 2024, and continued until earlier this month, when the company received a $20 million ransom demand from the attacker. In a blog post, Coinbase revealed that it refused to pay and traced the breach to bribed customer support employees who were manipulated into granting the hacker access.
The stolen data includes names, email and postal addresses, phone numbers, government-issued IDs, account balances, and transaction histories, raising concerns that high-net-worth users could be targeted.
Coinbase has not disclosed the identity of the attacker or whether law enforcement is involved, but the breach highlights growing risks in the crypto industry, particularly from social engineering attacks on internal staff.
If this article helped you, please consider supporting our work. Every small contribution keeps Abijita.com independent and running.
