CyberSecurityBoard
Sponsor Register Login

Coinbase Hacked - Massive Data Breach Costs Them $400 Million

Coinbase emphasized that the breach did not impact the security of customer funds, as the involved contractors and employees lacked access to financial systems. The breach, orchestrated by an unknown threat actor, involved the unauthorized access of sensitive customer information and internal company documentation. Coinbase has yet to determine the full financial impact of the breach, but preliminary estimates suggest remediation costs and voluntary customer reimbursements could range between $180 million and $400 million. This figure accounts for expenses related to mitigating the breach, enhancing security protocols, and compensating eligible retail customers who may have sent funds to the threat actor as a direct result of the incident. The incident came to light on May 11, 2025, when Coinbase, Inc., a subsidiary of Coinbase Global, received an email from a threat actor claiming to have obtained sensitive data. The breach highlights the vulnerabilities inherent in the cryptocurrency sector, where centralized platforms like Coinbase hold vast amounts of sensitive user data. Coinbase Global, Inc., one of the world’s largest crypto exchanges, disclosed a major cybersecurity incident in a Form 8-K filing with the U.S. Securities and Exchange Commission (SEC) on May 14, 2025. These individuals, who had access to internal Coinbase systems for their job functions, collected customer account details and internal documentation, including materials related to customer-service and account-management systems. While the breach did not involve the compromise of customer passwords, private keys, or access to funds, the scope of the stolen data is concerning. Coinbase’s security monitoring systems had independently detected instances of unauthorized data access by these personnel in the months leading up to the email. With estimated remediation costs ranging from $180 million to $400 million, the incident underscores the growing risks of cyber threats in the crypto ecosystem. Upon discovery, the company swiftly terminated the involved parties, implemented enhanced fraud-monitoring protections, and warned affected customers to prevent misuse of their data. The company referenced its Annual Report on Form 10-K for 2024 and subsequent quarterly reports, which detail broader risks facing the business, including regulatory scrutiny and market volatility. In its SEC filing, Coinbase acknowledged several risks that could affect its response to the breach.

This Cyber News was published on cybersecuritynews.com. Publication date: Thu, 15 May 2025 17:20:05 +0000


Cyber News related to Coinbase Hacked - Massive Data Breach Costs Them $400 Million

CVE-2024-53182 - In the Linux kernel, the following vulnerability has been resolved: Revert "block, bfq: merge bfq_release_process_ref() into bfq_put_cooperator()" This reverts commit bc3b1e9e7c50e1de0f573eea3871db61dd4787de. The bic is associated with sync_bfqq, and ...
5 months ago Tenable.com
Coinbase Hacked - Massive Data Breach Costs Them $400 Million - Coinbase emphasized that the breach did not impact the security of customer funds, as the involved contractors and employees lacked access to financial systems. The breach, orchestrated by an unknown threat actor, involved the unauthorized access of ...
1 month ago Cybersecuritynews.com
Coinbase data breach exposes customer info and government IDs - While the threat actors managed to steal a combination of personally identifiable information of up to 1% of Coinbase's customer base (around 1 million individuals), they couldn't steal customers' private keys or passwords, and couldn't ...
1 month ago Bleepingcomputer.com
Coinbase phishing email tricks users with fake wallet migration - A large-scale Coinbase phishing attack poses as a mandatory wallet migration, tricking recipients into setting up a new wallet with a pre-generated recovery phrase controlled by attackers. Instead, the phishing email includes a recovery phrase, which ...
3 months ago Bleepingcomputer.com
Tech Security Year in Review - In this Tech Security Year in Review for 2023, let's look into the top data breaches of the past year. Each factor contributes to the growing threatscape, demanding a proactive and adaptable cybersecurity approach to safeguard your organization ...
1 year ago Securityboulevard.com
Coinbase offers $20 million bounty after extortion attempt with stolen data | The Record from Recorded Future News - The industry giant said in a regulatory filing with the Securities and Exchange Commission (SEC) that an “unknown threat actor” emailed a demand on May 11 for $20 million, threatening to publish stolen data about Coinbase customers and other ...
1 month ago Therecord.media
Coinbase to fix 2FA account activity entry freaking out users - Unfortunately, BleepingComputer was told that threat actors use these erroneous error messages as part of social engineering attacks that attempt to breach Coinbase accounts by making targets think their credentials are compromised. Coinbase is ...
2 months ago Bleepingcomputer.com
How to perform a proof of concept for automated discovery using Amazon Macie | AWS Security Blog - After reviewing the managed data identifiers provided by Macie and creating the custom data identifiers needed for your POC, it’s time to stage data sets that will help demonstrate the capabilities of these identifiers and better understand how ...
8 months ago Aws.amazon.com
Coinbase fixes 2FA log error making people think they were hacked - As BleepingComputer first reported earlier this month, Coinbase had mistakenly labeled failed login attempts with incorrect passwords as two-factor authentication failues in the Account Activity logs. These mislabeled entries could have also been ...
1 month ago Bleepingcomputer.com
CVE-2018-16557 - A vulnerability has been identified in SIMATIC S7-400 CPU 412-1 DP V7 (All versions), SIMATIC S7-400 CPU 412-2 DP V7 (All versions), SIMATIC S7-400 CPU 414-2 DP V7 (All versions), SIMATIC S7-400 CPU 414-3 DP V7 (All versions), SIMATIC S7-400 CPU ...
2 years ago
CVE-2018-16556 - A vulnerability has been identified in SIMATIC S7-400 CPU 412-1 DP V7 (All versions), SIMATIC S7-400 CPU 412-2 DP V7 (All versions), SIMATIC S7-400 CPU 414-2 DP V7 (All versions), SIMATIC S7-400 CPU 414-3 DP V7 (All versions), SIMATIC S7-400 CPU ...
2 years ago
Coinbase was primary target of recent GitHub Actions breaches - This allowed the threat actors to steal a Personal Access Token that was then used to push a malicious commit to the tj-actions/changed-files GitHub Action that once again dumps CI/CD secrets to workflow logs. It is unclear how the breach ...
2 months ago Bleepingcomputer.com
CVE-2021-40368 - A vulnerability has been identified in SIMATIC S7-400 CPU 412-1 DP V7 (All versions), SIMATIC S7-400 CPU 412-2 DP V7 (All versions), SIMATIC S7-400 CPU 412-2 PN/DP V7 (All versions < V7.0.3), SIMATIC S7-400 CPU 414-2 DP V7 (All versions), ...
2 years ago
Data Breach Response: A Step-by-Step Guide - In today's interconnected world, organizations must be prepared to respond swiftly and effectively in the face of a data breach. To navigate these challenges, a well-defined and comprehensive data breach response plan is essential. Let's explore the ...
1 year ago Securityzap.com
Welltok data breach exposes data of 8.5 million US patients - Healthcare SaaS provider Welltok is warning that a data breach exposed the personal data of nearly 8.5 million patients in the U.S. after a file transfer program used by the company was hacked in a data theft attack. Welltok works with health service ...
1 year ago Bleepingcomputer.com
FTC orders Blackbaud to boost security after massive data breach - Blackbaud has settled with the Federal Trade Commission after being charged with poor security and reckless data retention practices, leading to a May 2020 ransomware attack and a data breach affecting millions of people. Blackbaud is a U.S.-based ...
1 year ago Bleepingcomputer.com
Mint Mobile discloses new data breach exposing customer data - Mint Mobile has disclosed a new data breach that exposed the personal information of its customers, including data that can be used to perform SIM swap attacks. Mint is a mobile virtual network operator owned by T-Mobile, offering budget, pre-paid ...
1 year ago Bleepingcomputer.com
Ticketmaster sends notifications about recent massive data breach - Ticketmaster has started to notify customers who were impacted by a data breach after hackers stole the company's Snowflake database, containing the data of millions of people. Last month, a threat actor known as ShinyHunters began selling stolen ...
11 months ago Bleepingcomputer.com Hunters
Live Nation finally confirms massive Ticketmaster data breach - Live Nation has confirmed that Ticketmaster suffered a data breach after its data was stolen from a third-party cloud database provider, which is believed to be Snowflake. While the breach has allegedly exposed the data of over 560 million ...
1 year ago Bleepingcomputer.com Hunters
Delta Dental says data breach exposed info of 7 million people - Delta Dental of California is warning almost seven million patients that they suffered a data breach after personal data was exposed in a MOVEit Transfer software breach. Delta Dental is a dental insurance provider that covers 85 million people ...
1 year ago Bleepingcomputer.com CVE-2023-34362
Delta Dental of California data breach exposed info of 7 million people - Delta Dental of California and its affiliates are warning almost seven million patients that they suffered a data breach after personal data was exposed in a MOVEit Transfer software breach. Delta Dental of California is a dental insurance provider ...
1 year ago Bleepingcomputer.com CVE-2023-34362
FCC orders telecom carriers to report PII data breaches within 30 days - Starting March 13th, telecommunications companies must report data breaches impacting customers' personally identifiable information within 30 days, as required by FCC's updated data breach reporting requirements. FCC's final rule follows several ...
1 year ago Bleepingcomputer.com
US SEC's X account hacked to announce fake Bitcoin ETF approval - The X account for the U.S. Securities and Exchange Commission was hacked today to issue a fake announcement on the approval of Bitcoin ETFs on security exchanges. The announcement came this afternoon in a now-deleted tweet from the SEC's hacked X ...
1 year ago Bleepingcomputer.com
With Attacks on the Upswing, Cyber-Insurance Premiums Poised to Rise Too - An increase in cyber-insurance claims in 2023, driven by a more active threat landscape, will likely mean that last year's price plateau in cyber-insurance premium costs will be short-lived, according to industry experts. While premium costs fell by ...
1 year ago Darkreading.com Rocke
Ticketmaster confirms massive breach after stolen data for sale online - Live Nation has confirmed that Ticketmaster suffered a data breach after its data was stolen from a third-party cloud database provider, which is believed to be Snowflake. While the breach has allegedly exposed the data of over 560 million ...
1 year ago Bleepingcomputer.com Hunters

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)