Coinbase Data Breach Affects 69,461 Users, Costs $400 Million

Coinbase, a leading cryptocurrency exchange, recently disclosed a significant data breach that affected nearly 70,000 users. The incident, which occurred on December 26, 2024, remained undetected for approximately six months before being discovered on May 11, 2025. The breach was revealed through a filing with the Main Attorney General's office, submitted by the legal firm Latham and Watkins LLP. The filing detailed that 69,461 Coinbase users were compromised, including 217 residents of the region.

The breach involved scammers who deceived several Coinbase customer service representatives into handing over limited user information. The compromised data included names, addresses, phone numbers, emails, masked Social Security numbers, masked bank-account numbers, and some bank account identifiers. The scammers then attempted to extort the company by demanding a ransom of $20 million in exchange for not leaking the data. Coinbase refused to negotiate with the threat actors and subsequently terminated the contracts of the representatives who collaborated with the scammers. The exchange also pledged to provide remediation or reimbursements for any impacted clients.

The data breach has sparked a debate about the ethics of Know Your Customer (KYC) data collection, with some arguing that it poses additional risks to crypto holders. The incident underscores the increasing number of cybersecurity incidents affecting the industry. Industry executives, investors, and legal experts have warned that such data leaks can jeopardize the physical safety of crypto investors, making them targets of extortion attempts, kidnapping, and armed robbery.

The breach caused significant financial losses, amounting to $400 million, through social engineering scams and remediation costs, according to Coinbase. The United States Department of Justice (DOJ) initiated a probe into the leak but had not released updates on the incident or the extortion attempt as of May 21. Coinbase now faces multiple lawsuits from affected clients, who allege that the exchange failed to notify victims of the security breach in a timely manner. The incident has sent shockwaves through the crypto world, highlighting the vulnerabilities in the industry's cybersecurity measures. Despite the remediation efforts, the data breach has raised concerns about the safety and security of user information in the cryptocurrency sector.