News about data breaches have unfortunately become all too familiar and the latest company to reveal an incident is Coinbase. The largest cryptocurrency exchange in the US, they recently announced that they were hit by a data breach in May 2025, which saw sensitive customer information stolen. But how did such a breach occur at a reputable and regulated fintech company that spends so much on cybersecurity? In February 2025, noted blockchain investigator, ZachXBT, reported an increase in thefts involving Coinbase users, primarily due to advanced risk models and the company’s inability to prevent yearly losses, approaching $300 million, from numerous social engineering scams.
On May 11, 2025, Coinbase confirmed such fears of cybersecurity vulnerabilities when they published a blog post stating details such as account balances, ID images, phone numbers, home addresses, and even bank details were stolen during the data breach. Even the threat actor who claimed responsibility for the breach boldly ‘swapped’ about $42.5 million from Bitcoin to Ether via THORChain, tauntingly leaving a message for ZachXBT.
However, unlike other companies faced with a similar predicament, Coinbase resisted the attacker’s $20 million ransom demand and responded with a $20 million reward for information leading to the attacker’s arrest – an unprecedented countermove. This strategy may well revolutionize how companies deal with cyber threats.
In conclusion, the incident reminded us of the vulnerability of digital assets and the importance of robust cybersecurity measures. And while Coinbase did handle the aftermath commendably, it’s crucial for users to stay vigilant and educated on the risks in the rapidly evolving landscape of fintech and cryptocurrencies.
