Coinbase disclosed a data breach on May 11th, 2025, where threat actors accessed limited user information by paying contractors outside the U.S. They responded by tightening security, warning affected customers, and offering a $20 million reward for information leading to the arrest of the attackers. The company emphasized that private keys and login credentials remained secure and stressed transparency about the incident. #Coinbase #DataBreach
Keypoints :
- Coinbase revealed a data breach through an 8K filing with the SEC on May 14th, 2025.
- The breach involved a threat actor who obtained user information by paying contractors outside the U.S.
- Accessed data included IDs, account details, names, and addresses, but not private keys or 2FA codes.
- The company detected unauthorized personnel accessing internal data and terminated their employment.
- Coinbase increased security measures and warned affected customers to prevent further misuse.
- The attacker demanded $20 million in ransom, which Coinbase rejected, instead offering a reward for information.
- Coinbase remains confident that only a small percentage of user data was accessed and emphasized transparency.
- Youtube Video: https://www.youtube.com/watch?v=hgpTkNlIZCQ
- Youtube Channel: Hak5
- Youtube Published: Sun, 25 May 2025 16:00:57 +0000