[#title_feedzy_rewrite]
![[#title_feedzy_rewrite]](https://postcryptocoins.com/wp-content/uploads/2025/05/Coinbase-Says-Data-Breach-Impacting11-lzdXuV.jpg)
Coinbase, one of the largest cryptocurrency exchanges in the world, has officially disclosed a data breach that affected 69,461 users, including sensitive customer information like names, phone numbers, addresses, email IDs, and even government ID images. The breach occurred on December 26, 2024, but was only discovered in May 2025,
- Hackers bribed support staff to steal sensitive customer data from Coinbase.
- Delays in reporting the breach may lead to lawsuits and regulatory action.
- Critics say Coinbase overlooked warning signs and limited users’ legal options.
Coinbase, one of the largest cryptocurrency exchanges in the world, has officially disclosed a data breach that affected 69,461 users, including sensitive customer information like names, phone numbers, addresses, email IDs, and even government ID images. The breach occurred on December 26, 2024, but was only discovered in May 2025, according to a filing with the Maine Attorney General’s Office.
The breach, attributed to bribed overseas customer support agents, has intensified regulatory concerns and triggered a broader investigation involving the U.S. Department of Justice (DOJ). The breach impacted 217 residents of Maine, but its nationwide implications are much larger.
Insider Threat and Delayed Disclosure
Coinbase said suspicious activity was noticed among some customer support representatives as early as January 2025, but the scope of the breach wasn’t fully understood until May 11. The delay in deciding whether the breach was serious enough to report, as required by the SEC, has raised concerns.
SEC Scrutiny and Legal Risk
Amanda Fischer, a former SEC employee and policy director at Better Markets, said, “The fact that Coinbase is a public company that’s overseen by the SEC is kind of the only reason we have any data about this.”
Under SEC rules, public firms must disclose breaches within four days of determining that an incident may affect a shareholder’s decision to buy, hold, or sell stock. Now, questions are being raised about whether Coinbase delayed that disclosure, setting the stage for potential class action lawsuits.
Coinbase has already estimated potential damages between $180 million to $400 million due to the breach. The company also received a $20 million extortion demand from an unknown threat actor threatening to release stolen data.
Public Backlash and Internal Conflict
Coinbase CEO Brian Armstrong took to social media to address the breach, but critics say the company hasn’t been transparent. On-chain security expert Taylor Monahan accused the exchange of ignoring months of warnings from investigators about malicious insiders. She also described Coinbase’s internal response as dismissive and “gaslighting.”
Also, changes to Coinbase’s user agreement in April have come under scrutiny. More precisely, these changes limit the ability of a user to file class actions or even to seek legal recourse outside of federal courts in New York.
Highlighted Crypto News Today:
Trump Crypto Dinner Sparks Congressional Backlash