Coinbase Data Breach and Stock Losses 

On May 15, company disclosed that some customer support representatives were bribed, granting access to internal systems. This incident led to the theft of personal information from approximately 97,000 users, including names, addresses, email addresses, bank details, and identification documents. The attackers demanded a $20 million ransom, which Coinbase rejected, instead offering a $20 million reward for the capture of the perpetrators. 

Following the breach announcement, Coinbase’s stock price fell 7.2% to $244. The next day, it rose 9% to $266 but closed at $263.10 on May 23 after a 3.23% drop. This volatility indicates significant investor losses. The lawsuit also names CEO Brian Armstrong and CFO Alesia Haas as defendants, with investors claiming crypto exchange misled them by not disclosing the breaches promptly. 

Regulatory Issues in the UK 

The lawsuit highlights that Coinbase was fined $4.5 million by the UK’s Financial Conduct Authority (FCA) in 2024 for violating a 2020 agreement by onboarding high-risk customers. Nessler alleges Coinbase failed to disclose this violation during its IPO, claiming it artificially inflated the stock price and misled investors. 

Additionally, the company faces other lawsuits, including one in Illinois over improper biometric data collection. The company has not yet issued an official statement on these cases, but these events continue to impact Coinbase’s credibility and market value. 

You can also freely share your thoughts and comments about the topic in the comment section. Additionally, don’t forget to follow us on our Telegram, YouTube, and Twitter channels for the latest news and updates.

The post Coinbase Faces Class Action Shock: 2025 Data Breach  appeared first on Coin Engineer.

Support Agents Allegedly Bribed, Millions Affected

In a lawsuit filed on May 16 in a New York federal court, plaintiff Paul Bender alleged that Coinbase failed to protect user data during a serious breach. The incident, which began on May 11, involved cybercriminals bribing support agents to gain access to internal systems.

You Might Be Interested In: Elon Musk Talks About the Name of a New Memecoin!

The stolen data included names, addresses, phone numbers, emails, the last four digits of Social Security numbers, bank details, driver’s licenses, passports, and account data like balances and transaction history. The attackers reportedly demanded a $20 million ransom, which Coinbase refused to pay.

At Least Six Lawsuits Allege Negligence, Delayed Response

Between May 15 and 16, at least six lawsuits were filed against Coinbase. Plaintiffs allege the exchange failed to maintain proper security measures, delayed informing users, and offered no meaningful steps to mitigate harm.

One California-based lawsuit demands Coinbase delete all sensitive data and hire independent auditors to evaluate its systems. Another suit added a claim of unjust enrichment, arguing that Coinbase underinvested in data security to boost profits.

In a filing with the U.S. Securities and Exchange Commission (SEC), Coinbase estimated potential reimbursement costs to range between $180 million and $400 million. The company has pledged to compensate users who were tricked into sending crypto due to phishing scams linked to the data breach.

Following the news, Coinbase (COIN) shares initially dropped 7% to $244, but recovered with a 9% gain, closing at $266 on May 16.

You can also freely share your thoughts and comments about the topic in the comment section. Additionally, don’t forget to follow us on our Telegram, YouTube, and Twitter channels for the latest news and updates.

The post Coinbase Faces Legal Firestorm After Massive Customer Data Breach appeared first on Coin Engineer.

Seed Phrase Trap: Social Engineering at Its Worst

Ed Suman, a 67-year-old former fabricator for top artists like Jeff Koons, spent decades in the art world before shifting his focus to cryptocurrency investing. Over time, he amassed 17.5 Bitcoin (BTC) and 225 Ethereum (ETH) — the core of his retirement portfolio — stored safely in a Trezor Model One hardware wallet.

But in March, he received a text message that appeared to be from Coinbase, alerting him to suspicious account activity. He replied, and shortly afterward, a man calling himself “Brett Miller from Coinbase security” called him.

You Might Be Interested In: Elon Musk Talks About the Name of a New Memecoin!

The caller seemed legitimate, even referencing Suman’s use of a hardware wallet. Over the phone, he walked Suman through a supposed “security procedure,” which required him to enter his seed phrase into a site that perfectly mimicked Coinbase’s interface.

A second scam call came nine days later. After following the same process again, all of Suman’s crypto was gone.

Real Data Breach at Coinbase Raises Alarms

Coincidentally or not, Coinbase recently disclosed a data breach where attackers bribed Indian customer support contractors to access private user data — including names, account balances, and transaction histories.

Roughly 1% of monthly users were affected, including Sequoia Capital’s managing partner Roelof Botha. While no funds were confirmed stolen from him, the incident highlights growing concerns over third-party vulnerabilities.

Coinbase has since fired the compromised contractors and is planning to compensate affected users with a budget between $180 million and $400 million.

Hardware Wallets Are Not Foolproof

Suman’s tragic loss is a painful reminder: Seed phrases should never be entered into any website, regardless of how authentic it looks. The biggest threat in crypto isn’t always technology — it’s human manipulation.

You can also freely share your thoughts and comments about the topic in the comment section. Additionally, don’t forget to follow us on our Telegram, YouTube, and Twitter channels for the latest news and updates.

The post Retired Artist Loses $2M in Crypto to Fake Coinbase Site appeared first on Coin Engineer.

A data breach involving customer information, coupled with an ongoing SEC investigation into potentially misleading user statistics from 2021, led to a sharp market response.

Shares Slide 7% Amid Rising Concerns

On the evening of May 15, Coinbase stock dropped by 7%, falling to $244 in after-hours trading. Two simultaneous developments triggered this decline:

1. An investigation by the Securities and Exchange Commission (SEC) into Coinbase’s previous claim of having over 100 million “verified users” in 2021.
2. A serious data breach caused by compromised third-party support staff.

The SEC has questioned the accuracy of these user metrics as part of a probe that began during the Biden administration. Coinbase stopped reporting the metric in 2022, opting instead to disclose “monthly transacting users,” which it deems more relevant.

You Might Be Interested In: Elon Musk Talks About the Name of a New Memecoin!

Chief Legal Officer Paul Grewal stated that while Coinbase disagrees with the continuation of the investigation, it will fully cooperate with the SEC to bring it to a close.

Ransom Refused, Compensation Expected

In a separate incident, Coinbase revealed that attackers used internal support access to leak data from a limited number of accounts. The attackers demanded a $20 million ransom, which Coinbase firmly refused to pay.

However, the company pledged to compensate affected users, estimating total remediation costs to range between $180 million and $400 million.

You can also freely share your thoughts and comments about the topic in the comment section. Additionally, don’t forget to follow us on our Telegram, YouTube, and Twitter channels for the latest news and updates.

The post Coinbase Hit By Data Breach And SEC Probe, Stock Falls 7% appeared first on Coin Engineer.

Coinbase has promised compensation to all affected users. The company will also cover losses for users deceived by social engineering attacks during this process, aiming to maintain user trust. Additionally, Coinbase created a $20 million reward fund to incentivize information leading to the identification of the attackers. The crypto exchange has started implementing new security measures to prevent user harm. 

Coinbase Cyber Attack

In a clear stance shared on X , Coinbase CEO Brian Armstrong stated: 

“We will not pay ransom to extortionists. Instead, we offer a $20 million reward to those who provide information leading to the identification and prosecution of the perpetrators.” 

Following the attack, Coinbase increased its security measures. A new customer support center was established in the US, where identity verification and fraud awareness notifications became mandatory. Moreover, additional identity verification processes were added for high-value transactions. These steps aim to protect user accounts. The company also announced that it will provide regular updates to users in the coming days. 

The Method Behind the Attack 

The attackers attempted to infiltrate the system by bribing some customer representatives working abroad. Coinbase described this as an unusual and complex social engineering attack. However, the attackers did not gain access to sensitive systems. 

Coinbase estimates that less than 1% of users’ data was affected. Nevertheless, it warned customers to remain vigilant against potential fraud risks. This incident has once again highlighted the growing cyber threats in the crypto sector. Last year, India-based WazirX lost $230 million in a similar attack. Coinbase’s breach underscores the urgent need for data security and regulatory measures. 

Security at crypto exchanges has become not only a technological but also a strategic priority. Users should protect their accounts with two-factor authentication and strong passwords. 

You can also freely share your thoughts and comments about the topic in the comment section. Additionally, don’t forget to follow us on our Telegram, YouTube, and Twitter channels for the latest news and updates.

The post Coinbase Hit by Cyber Attack: CEO Sends Message of No Ransom appeared first on Coin Engineer.

“We spent the weekend thoroughly reviewing all internal data,” Ardoino stated. “As I previously mentioned, Bitfinex’s user database was not breached.”

The false rumors originated on social media over the weekend, stemming from a tweet by Alice of Shinoji Research alleging a large-scale Bitfinex data breach by the hacking group FSociety. The tweet, later deleted, was amplified by a major breaking news account, causing widespread concern.

Alice of Shinoji Research has since acknowledged the mistake. “The original BFX [Bitfinex] hack post was inaccurate,” they admitted. “It appears a group called ‘Flocker’ compiled a list of Bitfinex login details from previous breaches, then presented it as a major hack attempt.”

Ardoino reiterated that Bitfinex’s user database remains secure. The alleged hackers, he explained, likely compiled a list of emails and passwords stolen from other compromised platforms. “Unfortunately, many users reuse the same credentials across multiple services, including crypto exchanges,” Ardoino noted.

The post Bitfinex Data Breach Debunked: CTO Confirms False Alarm appeared first on Coin Engineer.