What You Need to Know about the Coinbase Data Breach

Coinbase is a digital currency platform that allows consumers to transact using digital currencies, including Ethereum and Bitcoin. It is one of the most popular exchanges, with millions of users. The company’s initial vision is to bring efficiency and innovation to the global economy. 

Despite significant security measures to secure the wallet and transactions, there was a breach in late 2024. It began when hackers targeted an employee using bribery in exchange for insider knowledge. 

The employee yielded more access than intended, allowing the hackers to bypass the platform’s multi-factor authentication, which relied on SMS verification. The hackers then exploited the internal account recovery portal and reset the credentials to commandeer user accounts. Unfortunately, the emails and transaction histories of almost 70,000 Coinbase customers were exposed during the attack. 

From the larger group, 6000 users incurred financial losses when the hackers drained their cryptocurrency accounts. The reach came to the company’s attention when it received credible evidence from the hacker, which demanded $20 million or they would release the information on the dark web. They are currently working with various industry partners and law enforcement agencies to track stolen assets. Coinbase also terminated all insiders involved in the breach, with plans to pursue criminal charges against the staffers.  

When Was the Coinbase Data Breach?

Coinbase reported that the extortion attempt happened on May 11, 2025. However, they categorically indicated they turned it down and instead disclosed the incident. The hackers then compiled a list of customers they contacted while claiming to be from the company. The breach caused significant alarm because of an increase in subsequent unrelated crimes like kidnappings and violence against exposed users. 

In the breach notifications, Coinbase stated the information did not include passwords or other details allowing unauthorized individuals to access user accounts. 

How to Check if Your Data Was Breached

Coinbase is still investigating the data breach, but they issued official disclosures, notifying affected consumers by email on May 15, 2025. If a consumer’s data is exposed, they would receive a detailed message illustrating the exposed data, including names, addresses, and partial SSNs. Even if a consumer has not received an email, they should remain vigilant for signs of infiltration. 

This may be present through unsolicited password reset requests or unauthorized financial transactions. Scammers may also impersonate Coinbase to trick individuals into revealing their passwords. The company also offers a year of identity protection services via IDX. This includes dark web monitoring and an additional million-dollar insurance policy for consumers. Affected clients may enroll in the program using the details in the breach notification letter. 

Consumers may also contact the platform support directly if they are unsure about their status. It is advisable to avoid clicking links in unsolicited emails. Rather, log in to your account using the official application to get alerts from the company. 

What to Do If Your Data Was Breached

If your data was accessed during the hack, immediately protect your finances and profile. The first thing to do is to confirm the breach by searching your email for the company’s official notification. If you did not receive the email but still suspect your data was breached, log into the Coinbase account and search for security alerts. 

The next step is to secure your account by changing passwords and setting two-factor authentication. However, it would be advisable to avoid SMS two-factor authentication and instead use authenticators or hardware security keys. You may also activate the withdraw-allow listing to prevent unauthorized transfers and require manual approval in the case of new withdrawal addresses. 

You should also assess credit reports and your financial accounts. Identity thieves sometimes use this data for suspicious activities. If the partial social security number was exposed, you may set a credit freeze with the main bureaus to block unauthorized loans. Consider the free identity protection services provided, which include a year of dark web monitoring and identity theft insurance. 

Remain vigilant for phishing attempts. Scammers can pose as support and ask for log-in details or cryptocurrency transfers. Never share two-factor codes or passwords. Report all cases of unauthorized transactions to the authorities. You should also contact Coinbase support immediately and the Federal Trade Commission. 

Are There Any Lawsuits Because of the Coinbase Data Breach?

Coinbase is currently facing lawsuits following the exposure of 70,000 user’s data. These include class action suits against the platform. Filed in Pennsylvania by Brady Nessler, the suit accused Coinbase of misleading investors on their security and compliance with regulations. Another five class actions have been filed alleging Coinbase’s weak security protocols allowing hackers to bribe overseas support agents. 

Some litigation measures sought monetary compensation, though others demanded that Coinbase purge compromised information and hire auditors to overhaul security. The United States Department of Justice is also investigating the data breach. The Securities Exchange Commission will also scrutinize Coinbase’s disclosure measures following the data breach to determine if they comply with the security statutes. 

Can My Coinbase Information Be Used for Identity Theft?

Coinbase user account information may be used for identity theft after the data breach. The stolen data included names, phone numbers, email addresses, and government-issued IDs. Criminals could use these details to pursue loans or open fraudulent accounts in your name. Access to the account balance or the transaction history can also facilitate targeted scams against a high-net-worth individual. 

Though passwords and direct fund access were allegedly not compromised, the data still poses a real risk. Cybercriminals may impersonate Coinbase personnel to trick unsuspecting users into revealing sensitive data. 

What Can You Do to Protect Yourself Online?

A data breach like Coinbase experienced can expose user information widely. However, you can implement a few things as a user to secure your accounts, reduce future risks, and prevent identity theft. 

Monitor financial and online accounts: Check the bank and credit card statements weekly for unauthorized transactions. Set up credit monitoring with relevant bureaus. 

Strengthen your authentication and passwords: Implement unique or robust passwords for every account. Use an authenticator application to set two-factor authentication. 

Secure Your Devices and Networks: Update the software regularly to patch any software issues. Install reputable antivirus software for threat detection. 

Report any Suspicious Activity Immediately: Contact Coinbase support if there is any unauthorized access.