Coinbase

Coinbase, a leading cryptocurrency exchange platform, suffered a breach where attackers acquired customers’ data through malicious support agents. The compromised data included names, addresses, phone numbers, email addresses, partial Social Security numbers, masked bank account numbers, and some account data. The attackers attempted to extort Coinbase for $20 million to cover up the breach. Coinbase did not pay the ransom and instead established a $20 million reward fund for information leading to the arrest and conviction of the attackers. The company has taken steps to reimburse affected customers, track stolen funds, and implement additional security measures.

Source: https://www.helpnetsecurity.com/2025/05/15/coinbase-suffers-data-breach-gets-extorted/

TPRM report: https://scoringcyber.rankiteo.com/company/coinbase

"id": "coi720051525",
"linkid": "coinbase",
"type": "Breach",
"date": "5/2025",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"

{'affected_entities': [{'industry': 'Financial Services',
                        'name': 'Coinbase',
                        'type': 'Cryptocurrency Exchange'}],
 'attack_vector': 'Malicious Insider',
 'data_breach': {'type_of_data_compromised': ['Personally Identifiable '
                                              'Information',
                                              'Contact Information',
                                              'Financial Information']},
 'description': 'Coinbase, a leading cryptocurrency exchange platform, '
                'suffered a breach where attackers acquired customers’ data '
                'through malicious support agents. The compromised data '
                'included names, addresses, phone numbers, email addresses, '
                'partial Social Security numbers, masked bank account numbers, '
                'and some account data. The attackers attempted to extort '
                'Coinbase for $20 million to cover up the breach. Coinbase did '
                'not pay the ransom and instead established a $20 million '
                'reward fund for information leading to the arrest and '
                'conviction of the attackers. The company has taken steps to '
                'reimburse affected customers, track stolen funds, and '
                'implement additional security measures.',
 'impact': {'data_compromised': ['Names',
                                 'Addresses',
                                 'Phone Numbers',
                                 'Email Addresses',
                                 'Partial Social Security Numbers',
                                 'Masked Bank Account Numbers',
                                 'Some Account Data']},
 'motivation': 'Financial Gain, Extortion',
 'ransomware': {'ransom_demanded': '$20 million', 'ransom_paid': 'No'},
 'response': {'remediation_measures': ['Reimburse Affected Customers',
                                       'Track Stolen Funds',
                                       'Implement Additional Security '
                                       'Measures']},
 'title': 'Coinbase Customer Data Breach',
 'type': 'Data Breach',
 'vulnerability_exploited': 'Social Engineering, Insider Threat'}

Coinbase

Dansons

Columbia University

Washington Police Department