May 19th, 2025
Who:
Coinbase, the largest U.S.-based cryptocurrency exchange, experienced a significant cyberattack. The breach involved overseas customer support contractors who were bribed by cyber-criminals to access internal systems.
What:
Attackers obtained personal data — including names, addresses, phone numbers, and emails — for less than 1% of Coinbase’s customers. This information was used in social engineering schemes to defraud users. Notably, no passwords, private keys, or funds were directly compromised. The attackers demanded a $20 million ransom, which Coinbase refused to pay.
Impact:
Estimated financial impact ranges between $180 million and $400 million.
Affected customers who were deceived into sending funds will be reimbursed.
The U.S. Department of Justice has initiated an investigation into the breach.
Recommendations:
For Users:
Be vigilant against phishing attempts; verify communications claiming to be from Coinbase.
Enable two-factor authentication (2FA) and consider using hardware security keys.
Regularly monitor account activity for unauthorized transactions.
For Organizations:
Implement strict access controls and monitor third-party vendor activities.
Conduct regular security audits and employee training on cybersecurity best practices.
Establish clear protocols for incident response and communication with stakeholders.
Read the full article HERE