
Coinbase says that a criminal gang bribed a small number of customer service agents abroad and persuaded them to copy data from internal systems. The attack touched less than 1% of the people who trade on the platform every month.
Coinbase reports that the copied files contained names, addresses, telephone numbers, email addresses, masked social security numbers, some bank data, images of identity documents, account balance snapshots and transaction lists.
The thieves wanted this information so they could pose as Coinbase employees, contact customers by phone or message, and trick them into handing over their cryptocurrency. Passwords, two-factor codes, private keys and funds remained out of reach.
Coinbase adds that the corporate accounts in its main service and the company's hot and cold wallets were not touched, so the primary infrastructure remained safe. The company said in its blog post that transparency is a top priority in its security culture, and that this is why it decided to put the details on the public record.
How did this develop?
After copying the data, the attackers contacted Coinbase and demanded a $20 million ransom to keep the breach quiet. Coinbase refused, stating that paying criminals would only encourage them and normalize further cybercrime, and would ultimately worry customers more.
Instead, Coinbase said, the exchange has established a $20 million reward for information that leads to the trial and conviction of the culprits. Tips can be sent to [email protected] with “Bounty” in the subject line.
Coinbase fired the rogue agents on the spot and referred them to U.S. and international law enforcement agencies. The wallet addresses linked to the gang have been labeled so that investigators can track any attempt to move the digital assets.
What is Coinbase doing to protect customers now?
Coinbase says that each person whose data was touched received an email at 7:20 am, Eastern time, on May 15. The message explained what happened and outlined the next steps.
The company has promised to reimburse any retail user who, because of the scam, sent coins to addresses controlled by the criminals before the public announcement. Each claim will be verified to confirm the timeline and circumstances.
Affected accounts now have to go through additional procedures before making large withdrawals. These users must pass additional identity checks and will see scam-awareness prompts reminding them never to share passwords or two-factor codes, and never to transfer funds to new “safe” wallets.
Coinbase will add a new support center in the United States, bringing more personnel under domestic supervision. Security monitoring and insider-threat detection at every site have already been tightened.
Internal teams are already running attack simulations to uncover any weak points in support tools, and the exchange promises to keep the community openly informed at each stage as the investigation continues.
How much is at stake?
A regulatory filing issued yesterday estimates that Coinbase may spend $180 million to $400 million on remediation and reimbursements. The estimate could change once investigators determine the final loss and any recovered money.
For a company that recorded almost $5 billion in revenue in 2024, the projected bill is large but not as bad as it could have been. Coinbase says that customer trust, not the cash sum, is the decisive factor.
Security consultants say that the tactic of bribing support staff has become more common across the technology sector because the passports, licenses and personal records held on victims fetch high prices in criminal markets.
Earlier this week, Marks & Spencer also disclosed a data breach, showing once again how personal data can be lost even when payment information remains protected. Coinbase’s situation shows the problems and dangers that digital finance platforms outside traditional banking face, and how important it is to prevent them in the future.