Coinbase disclosed a sophisticated social engineering attack involving insider betrayal that compromised the personal data of over 69,000 users. The incident highlights the ongoing risks of insider threats and the rise of kidnapping-related crimes targeting cryptocurrency users. #Coinbase #InsiderBreach
Keypoints
- Cybercriminals bribed Coinbase customer service representatives to leak sensitive user data.
- The breach affected 69,461 users, including 217 residents of Maine, with data such as names, addresses, IDs, and transaction history.
- The attack occurred on December 26, 2024, but was only discovered in May 2025, indicating a delayed detection.
- Hackers demanded a $20 million ransom, which Coinbase refused to pay, and instead offered a reward for information leading to arrests.
- The incident underscores the threat of insider betrayal and the increasing danger of kidnapping targeting cryptocurrency investors.