Coinbase Breach: Hacker Moves Millions, Taunts Authorities with Meme
Another day, another crypto heist—except this one comes with a side of audacity. The perpetrator behind the Coinbase exploit isn’t just cashing out; they’re rubbing salt in the wound, flaunting their loot with a meme. Classic.
Security? More like ’see-you-later-ity.’ While investigators scramble, the hacker’s laughing all the way to the (unregulated) bank. Meanwhile, retail investors are left holding the bag—because when has crypto ever played fair?
On-Chain Troll
What makes this case especially brazen is the attacker’s decision to taunt ZachXBT, a well-known crypto sleuth, using Ethereum’s transaction message field to deliver an insult and a meme video link. The message, simply stating “L bozo,” was followed by a clip of NBA legend James Worthy smoking a cigar.
ZachXBT, who posted about the taunt on his Telegram channel, confirmed that blockchain evidence links the sender of this message to the same entity responsible for the breach that compromised tens of thousands of Coinbase users.
These latest transactions and taunts arrive in the wake of Coinbase’s admission that the breach affected at least 69,400 users and stemmed from a campaign that began in December 2024 but was only discovered in May 2025. According to disclosures filed with the Maine Attorney General’s office, the attacker bribed Coinbase customer support personnel to gain internal access to user data.
The scope of the breach is severe and includes compromised information such as users’ full identities, contact information, account balances, and transaction histories. Coinbase has said it rejected a $20 million ransom demand from the hacker in exchange for deleting the stolen data.
Unauthorized Biometric Data Collection
Coinbase is also facing a class-action lawsuit from Illinois residents who claim the crypto exchange unlawfully collected and shared their biometric data during identity verification. Filed on May 13, the suit accuses the crypto exchange of violating Illinois’ Biometric Information Privacy Act (BIPA) by capturing facial geometry from selfies and ID photos without obtaining user consent or providing proper disclosure.
The biometric data was allegedly analyzed by third-party vendors such as Jumio, Onfido, Au10tix, and Solaris. Plaintiffs also claim Coinbase refused to pay arbitration fees for over 10,000 individual cases, which led to their dismissal.
The lawsuit includes three counts of BIPA violations and one count of consumer fraud under Illinois law. Plaintiffs are seeking $5,000 per intentional violation and $1,000 per negligent one, as well as a court order to halt the practices and cover legal costs
