Citation Needed is an independent publication, entirely supported by readers like you. Consider signing up for a free or pay-what-you-want subscription — it really helps me to keep doing this work.
Coinbase has disclosed a substantial customer data breach, blaming it on “rogue overseas support agents”. This follows months of crypto security researchers warning about apparent security issues at the company.
According to Coinbase, the data thieves bribed members of Coinbase’s support team, which is based overseas and reportedly makes very little money. It seems Coinbase has been aware of a breach for several months, but only reported it on May 14.
At least five lawsuits have been filed about the breach in the days since, but a change to Coinbase’s customer agreement that went into effect on May 15 may make it more challenging for customers to obtain relief.
![Coinbase
On May 12, Coinbase announced it will join the S&P 500 as its “first and only crypto company”.1a This is the latest change that may see more American investors inadvertently exposed to the cryptocurrency industry via index funds, following MicroStrategy’s entry into the NASDAQ-100 in December 2024 [I72].
Their joy was likely tempered when, only two days later on May 14, they had to announce a data breach that exposed customer data including names, addresses, phone numbers, email addresses, images of government ID documents, account balance and transaction data, and masked social security and bank account numbers. Although leaks like this typically lead to an uptick in phishing attempts, where scammers use the private information to contact customers and more convincingly impersonate Coinbase employees, the leak of account balance data and customer addresses is also particularly concerning given the recent spike in violent attacks and kidnappings targeting wealthy crypto holders.
Crypto security researchers have been warning for months about Coinbase’s evidently poor security practices and lack of attention to customer complaints, and describing hacks in which victims reported being scammed by attackers who seemed to have access to private Coinbase data [I76]. In February, zachxbt wrote: “Coinbase needs to urgently make changes as more and more users are being scammed for tens of millions every month. ... Coinbase is in a position where they have the power to make](/proxy/post_attachment/500261/f8519d6c7c.png "Coinbase
On May 12, Coinbase announced it will join the S&P 500 as its “first and only crypto company”.1a This is the latest change that may see more American investors inadvertently exposed to the cryptocurrency industry via index funds, following MicroStrategy’s entry into the NASDAQ-100 in December 2024 [I72].
Their joy was likely tempered when, only two days later on May 14, they had to announce a data breach that exposed customer data including names, addresses, phone numbers, email addresses, images of government ID documents, account balance and transaction data, and masked social security and bank account numbers. Although leaks like this typically lead to an uptick in phishing attempts, where scammers use the private information to contact customers and more convincingly impersonate Coinbase employees, the leak of account balance data and customer addresses is also particularly concerning given the recent spike in violent attacks and kidnappings targeting wealthy crypto holders.
Crypto security researchers have been warning for months about Coinbase’s evidently poor security practices and lack of attention to customer complaints, and describing hacks in which victims reported being scammed by attackers who seemed to have access to private Coinbase data [I76]. In February, zachxbt wrote: “Coinbase needs to urgently make changes as more and more users are being scammed for tens of millions every month. ... Coinbase is in a position where they have the power to make")
@molly0xfff Can't help imagining that "rogue overseas support agents" is codespeak for "North Koreans" (disclaimer: I have *strictly no idea* if North Korea is, or is not, involved).