
Coinbase confirmed that at least 69,461 customers had their personal and financial data stolen in an extended intrusion that began in late December 2024 and persisted for several months. Affected customers are urged to be alert for phishing attempts and identity fraud.
Coinbase revealed that the attacker’s main avenue was bribery of customer support staff, enabling unauthorized access to sensitive user information.
According to the company’s data breach notification, the compromised data includes full names, email and physical addresses, phone numbers, government-issued IDs, account balances, and transaction histories.
All impacted individuals are being provided with one year of free IDX services, which include credit monitoring, a $1,000,000 insurance reimbursement policy, and identity restoration. Affected individuals will also receive dark web monitoring.
The breadth of the exfiltrated data heightens concern, especially for high-net-worth clients, because it raises the risk of targeted attacks such as phishing, identity theft, and even physical threats.
The attack came to light when Coinbase received what it termed a “credible” ransom note demanding $20 million in exchange for the deletion of the stolen data. The company refused to comply with the ransom demand, aligning with industry best practices that discourage negotiation with cybercriminals.
The data breach timeline, from December 26, 2024, to earlier this month, suggests prolonged, undetected access and data gathering inside Coinbase’s systems.
This incident underscores the persistent risk of social engineering and insider threats within even the most security-conscious organizations.
The successful bribery of support staff highlights ongoing challenges in human-centric security controls, as well as the need for layered monitoring, least-privilege access, and robust insider threat detection programs.