Coinbase confirmed Wednesday that a major data breach, disclosed last week, has resulted in sensitive personal and financial information being stolen from at least 69,461 customers.
According to a filing with the attorney general of Maine, required by state law regulating disclosure in data breaches, Coinbase identified unauthorized access to customer data that started on December 26, 2024, and continued until early May of this year.
Coinbase first became aware of the severity of the breach when an unidentified hacker reportedly demanded a $20 million ransom payment in exchange for deleting the compromised data. The cryptocurrency exchange publicly refused to meet the extortion demand. The company further revealed that the attacker gained access by bribing Coinbase employees working in customer support roles, granting the hacker unauthorized visibility into sensitive customer records over several months.
The stolen data includes customers’ names, email and postal addresses, phone numbers, government-issued identification documents, account balances, and detailed transaction histories. Security experts caution that possession of this information by cybercriminal actors could lead to targeted scams or threats against affluent individuals known to possess significant cryptocurrency holdings.
Coinbase stated it has undertaken measures to tighten internal security protocols and is actively cooperating with authorities as investigations into the breach continue.
