- Coinbase has filed a new form with the Maine Attorney General
- This confirmed when the attack has happened and how many people have been affected
- The company confirmed the offer of a premium
We now know exactly how many people are affected by the recent violation of Coinbase data – 69,461. The company has confirmed the news in a new file with the Maine Prosecutor’s Office. In the file, the company said that the attack took place at the end of December 2024 and that it was spotted months later, in mid-May 2025.
He also shared a letter of notification of data violation which he sends to the affected people, in which he detailed what happened.
Apparently, threatening players have united “a small number of people offering Coinbase services” to exfiltrate them the data from sensitive customers.
Extensions and premiums
These people, who would have been dismissed later, stole identity information (names, birth dates, last four figures for their social security numbers), masked bank account numbers and “some bank account identifiers”, addresses, telephone numbers, email addresses, images of identifiers, driver’s licenses and different account information (transaction history, balance, transfers, and more).
The attackers then tried to extort Coinbase for $ 20 million, in exchange for the deletion of the data. Coinbase not only denied the offer, but also doubled, offering exactly the same sum – $ 20 million, to the one who presents usable information on identity or where the attackers are.
Previous reports on PK Press Club have said that the attack could cost Coinbase between $ 180 million and $ 400 million, citing a recently subject company regulatory deposit.
In addition to offering a bonus of $ 20 million, Coinbase has also promised to “make customers whole” – by reimbursing anyone who can prove that they have lost money after a social engineering attack made possible by the data stolen from the Crypto exchange.
Coinbase also said that he was working with the police and urged users to remain vigilant, create solid passwords, configure multi-factory authentication (MFA) and never share their connection identification information with anyone.
Via Techcrunch
