Coinbase Data Breach Exposes Customer Information Through Insider Sabotage Featured
Hackers bribed overseas support staff to steal sensitive user data – over 69,000 impacted.
What Happened?
On May 11, 2025, Coinbase discovered a significant data breach caused by insider misconduct at its overseas support centers. A small number of individuals performing services for Coinbase were bribed by a third party to improperly access confidential user information. Shortly after terminating the involved individuals, Coinbase received a $20 million ransom demand from cybercriminals threatening to leak the stolen data.
Instead of paying, Coinbase publicly disclosed the breach on May 15 and offered a $20 million reward for information leading to the attackers’ arrest. The incident triggered at least six class action lawsuits and is now under federal investigation. Coinbase began notifying affected customers on May 30, 2025.
What Information Was Stolen?
Coinbase confirmed that the breach did not expose passwords, seed phrases, or private keys. However, the stolen data could still pose severe identity and financial risks. Compromised information may include:
- Full names, addresses, phone numbers, and emails
- Masked Social Security and bank account numbers
- Bank account identifiers
- Scans or numbers from government-issued IDs (e.g., passports, driver’s licenses)
- Account data including transaction history, balances, and account creation date
Although funds remained secure, attackers could use this information to carry out social engineering scams, posing as Coinbase representatives to trick users into transferring crypto.
What is Coinbase Doing to Protect My Identity?
Coinbase has taken several steps in response to the incident:
- Customer Reimbursement: Coinbase will reimburse users who were socially engineered into transferring funds due to this breach.
- Security Upgrades: Additional ID checks are now required for high-risk transactions, and new scam-awareness prompts have been added.
- Support Restructure: Coinbase is opening a new U.S.-based support center and implementing tighter internal controls.
- Law Enforcement: The company is cooperating with international authorities and pressing criminal charges.
- $20M Reward Fund: A fund equal to the ransom demand has been created to reward information leading to the attacker’s conviction.
- Credit Monitoring: Affected users are being offered one year of free credit monitoring and identity protection services through IDX, including $1 million in identity theft insurance and dark web monitoring.
What Can Hackers Do With My Information?
Even without access to your crypto wallet, attackers can weaponize your personal data to:
- Commit identity theft and open fraudulent accounts
- Launch phishing or smishing campaigns pretending to be Coinbase
- Steal funds through impersonation or account manipulation
- Sell your data on the dark web
This type of exposure can have lasting impacts, especially when government ID data is involved.
Anyone impacted must now closely monitor their financial and medical records to guard against fraud and identity theft.
If you were affected by the Coinbase data breach, it is essential that you understand what’s at risk and what steps you can take to protect yourself. A data breach attorney can help you understand your legal rights and how to pursue possible compensation.
Join the Coinbase Data Breach Class Action
If you receive a notification letter from Coinbase, you may be eligible to join the class action and seek compensation. Lawsuits allege Coinbase failed to properly secure user data and delayed its response. Please complete the form shown on this page and a data breach attorney will contact you.