Coinbase Confirms Data Breach Affecting Over 69,000 Customers
Cryptocurrency exchange Coinbase has confirmed a data breach impacting at least 69,461 customers. The breach, which occurred between December 26, 2024, and May 2025, resulted in the theft of personal and financial information.
Coinbase disclosed the breach in a filing with Maine's attorney general. The filing was mandated by state data breach notification law. The company also detailed the incident in a blog post.
Hacker Demanded $20 Million Ransom
According to Coinbase, the hacker responsible for the breach demanded a $20 million ransom. The ransom demand was made in exchange for deleting the stolen data. Coinbase refused to pay.
The company revealed that the hacker gained access to customer data by bribing Coinbase customer support employees over several months. The stolen information includes customer names, email addresses, physical addresses, phone numbers, government-issued IDs, account balances, and transaction histories.
Stolen Data Includes Sensitive Information
The stolen data raises concerns about the potential targeting of wealthy cryptocurrency holders. This incident underscores the growing cybersecurity threats faced by the cryptocurrency industry.
- Impacted Data: Names, email addresses, physical addresses, phone numbers, government IDs, account balances, transaction histories.
- Timeline: December 26, 2024 - May 2025
- Ransom Demand: $20 million (refused by Coinbase)
For more information, refer to the official Maine Attorney General filing and the Coinbase blog post.
