Coinbase is now facing mounting scrutiny after it allegedly sat on a serious data breach for over four months, exposing the personal information of nearly 70,000 users before taking action.
The breach, which reportedly began with insiders at an overseas customer support center leaking sensitive data, was discovered in January 2025. However, users and regulators were not informed until May. The compromised data included partial Social Security numbers, home addresses, and account activity tied to support tickets.
The vendor at the center of the leak, TaskUs, is said to have had staff in India who accepted bribes in exchange for screenshots of Coinbase customer information. The exchange has since cut ties with the firm and is reportedly implementing stricter oversight of all third-party partners.
Coinbase now estimates the incident could cost up to $400 million in legal and remediation expenses. Meanwhile, a class-action lawsuit accuses the company of withholding critical information that might have affected its stock performance. A separate case has been filed against TaskUs for negligence.
By March, the stolen data had surfaced in Telegram groups known for crypto fraud, with attackers eventually attempting to extort $20 million from Coinbase in exchange for deleting the files. The company refused and instead offered the same amount as a bounty for leads on the culprits.
Regulatory agencies are now investigating whether Coinbase’s failure to disclose the breach sooner violated SEC rules for public companies.
The first half of 2025 has become the most damaging six-month period in crypto history, with over $2.1 billion stolen across 75+ separate incidents, according to new data.
A new breed of cyber-attack is sweeping through crypto media, exploiting site pop-ups and wallet-connect prompts instead of smart-contract bugs.
CoinMarketCap, one of the most widely used crypto data tracking platforms, is reportedly facing a front-end security breach, with multiple users encountering a suspicious prompt to verify their wallets.
Russia’s attempt to formalize its crypto mining sector is falling short, with most miners opting to remain off the books despite new regulations.