
The publicly listed U.S. cryptocurrency exchange Coinbase recently disclosed that it had fallen victim to a sophisticated social engineering attack. Cybercriminals successfully bribed customer service representatives employed by one of Coinbase’s service providers, who then transferred extensive personal data of numerous investors directly to the hackers.
Initially, Coinbase did not disclose the scope of the breach. However, under Maine state law, compromised entities are required to submit official documentation detailing such incidents. According to the documents filed by Coinbase, a total of 69,461 users were affected, including 217 residents of Maine.
The documents further reveal that the breach occurred on December 26, 2024, but remained undetected until May 11, 2025. Coinbase characterized the incident as internal misconduct, implying that the data leak was the result of insider betrayal.
The compromised data was alarmingly comprehensive, including, but not limited to, users’ full legal names, residential addresses, phone numbers, contact details, government-issued identification (submitted for account verification), account balances, and transaction histories on Coinbase.
According to the company, the customer service representatives recruited by the hackers exploited their access to the customer support system to obtain this sensitive information. While the affected user count represents a small fraction of Coinbase’s overall customer base, the implications for these individuals are grave—they may now be exposed to significant threats, including risks to their personal safety.
In recent years, the cryptocurrency industry has witnessed a disturbing rise in kidnapping cases. Criminals often compile detailed intelligence on targets before orchestrating abductions, coercing victims into transferring all their crypto assets. These crimes are particularly insidious, as they do not involve physical cash and are often easier to execute than traditional kidnappings.
Coinbase also revealed that the attackers issued a ransom demand of $20 million. However, the company refused to comply. Instead, Coinbase established a $20 million bounty fund to reward individuals who provide information leading to the arrest and conviction of those responsible.