Coinbase Bleeds Data: Hackers Drain Millions of Customer Records in Latest Crypto Exchange Breach

Another day, another crypto exchange with egg on its face—this time it’s Coinbase coughing up customer data like a defi protocol coughing up collateral.

The breach breakdown: Attackers bypassed security measures (again), exposing sensitive records. No word yet on whether the hackers accepted payment in BTC or just sold the data for fiat like sensible criminals.

Silver lining? At least they didn’t call it a ’strategic data redistribution event’—Wall Street already trademarked that excuse.

Insider bribery, social engineering, and targeted vulnerabilities

According to the exchange, the attack was enabled via external employees outside the US who passed on internal credentials in exchange for payment. Coinbase reported that all individuals involved have since been dismissed. Particularly alarming: the attackers demanded a ransom of 20 million USD, which Coinbase refused to pay. Instead, the exchange offered a bounty of the same amount for information leading to the identification of the perpetrators.
The company is now working closely with US and international law enforcement authorities. In an official statement, Coinbase emphasized that all affected customers have been informed and will be compensated if necessary-especially in cases where the stolen information leads to further attacks such as phishing attempts.

Regulatory scrutiny: SEC is watching closely

Coinbase is under scrutiny not only because of the security incident. The US Securities and Exchange Commission (SEC) is currently investigating allegations that the company may have inflated user numbers or failed to properly implement KYC requirements. Coinbase denies the allegations but emphasizes its willingness to cooperate. Analysts view the attack as further evidence that even leading crypto platforms are under increasing pressure to build professional security architectures and internal control systems on par with those of traditional banks.

KYC processes (Know Your Customer) require exchanges and brokers to collect sensitive personal data, thereby exposing users to potential data breaches. Some privacy advocates argued after the incident that this significantly increases risks for individuals without effectively preventing money laundering. Criminals often use fake or stolen KYC identities anyway, which undermines the effectiveness of such preventive measures. Ultimately, the argument goes, these processes may create more vulnerabilities than they prevent. The fact that such incidents tend to occur more often at crypto platforms rather than traditional brokers suggests weaker security mechanisms within the industry.