Bitcoin Forum

Hey everyone,

(https://www.cnbc.com/2025/05/15/coinbase-says-hackers-bribed-staff-to-steal-customer-data-and-are-demanding-20-million-ransom.html)

Following the recent Coinbase breach, in which scammers obtained customer data by bribing cb support agents, many users are now being targeted with highly convincing fake text message scams designed to steal login information or funds. I would like to warn everyone, stay safe, never click on unsolicited links, always verify any communication directly through official Coinbase channels, their official website, always verify and double-check identities. Enable two-factor authentication, and be wary of urgent or suspicious messages requesting personal information.

Coinbase is having a headline that's negative again. An insider attack as put them in another mess. Now getting a job would be much more difficult coming overseas.

These are risks we faced when our data are in the hands of another, the Internet will continue to show why it's a scary place for data and funds.

I think coinbase might be doing the right thing not paying the attackers but rather finding ways of getting them because their words might not be trusted  and they could still share or use the victim information in other illicit way like forging a fake personal ID using victim data for scam.

The victim just need to know their would more likely never really remain the same, we need to stay guided and avoid the use KYC  platforms when we can.

This is a really serious situation and yet another sign that humans are often the weakest link when it comes to security. When it gets to the point where someone from support can be bribed, even the best security systems can't fully protect users data leaks easily, and users are the ones who suffer. If you're using exchanges like Coinbase, then you should at least have the following in place:
2FA through an authenticator app
Whitelisted withdrawal addresses
And don't respond to messages marked as "urgent" or that create a sense of panic

I saw this news yesterday and wanted sharing to the forum again, another form of hack on yet again another top exchange, sadly the victims which are coinbase customers will definitely be affected and find it hard to get out easily on this, they will be faced with multiple phishing attempts from scammers parading as coinbase supports and with card details now also leaked it might be worse.

What is the lesson that one needs to learn from here, first this hack definitely shows that majority of the hack that affects exchanges are most internal attacks and this simply means that any of your KYC details with them are definitely at risk just like your coins, so as long you don’t want your details out then avoid KYC exchanges

With the recent news of crypto users that were attacked physically, exchanges should protect their users privacy but they carelessly let hackers know their customers information like drivers license that can easily let the bad people know details of their customers including the house they are living. This is very bad and this could be one of the things that may result to physical attack now or in the future.

It is about data and related to KYC which is risky and useless, and this fact is repeatedly warned by many people.
Why KYC is extremely dangerous – and useless. (https://bitcointalk.org/index.php?topic=5221497.0)

Furthermore, a batch approval on Bitcoin Spot ETF submissions in January 2024 and actual operations of those Bitcoin Spot ETFs as well as their chosen custodians - Coinbase - raise a sort of concern about potential issues from Coinbase and its impacts on Bitcoin Spot ETFs and Bitcoin market.
https://blockworks.co/analytics/bitcoin-etf/tracker

The enemy is always within, imagine you building a platform and you know you have to hire people since you can't run or operate it alone then those who you hired end up betraying you, this is human being for you.

The issue I have with crypto is the team, there are many failed projects today because of the type of people they gathered together to run the project, utility was very good but the human nature prevails, end up ruining it all.

I won't blame coin base that this happen but I will blame people who entrusted their funds to coin base as if its their cold wallet, coin base is still a centralised exchange the last time I checked, it's just like a thing that's now normal in crypto space today, it keeps happening over and over, yet people won't learn.

We have to keep in mind that no matter what Coinbase, Binance or any centralized exchanger says, none of them are 100% safe. Because our customers' data is on their servers. Yesterday, Coinbase's data was leaked. They claim that only one percent of their total data was stolen. Now you can be among this one percent. So we always have to be careful. For the safety of our accounts, we must keep Two-Step Verification turned on. And do not click on suspicious link.

This is how providing our KYC on certain platforms is dangerous because we don't know if we are really secured even if they are big platform. Also I don't know if the people working behind them is fool or just a total idiot for messing up again with the personal data's of their costumer.

Those people still using that platform should better leave them because they are to risky and we don't know next time maybe they experience a massive hacking then lots of money will lost on their side then also on their costumer.

This is indicator that they are good and better to avoid.

none of them are 100% safe thats what i can say, i even have a coinbase account and i moved my funds after hearing this.

It is one that hit hard than usual like
imagine trust on a  big name like coinbase & then boom ur info’s out there
just cos that someone inside took a bribe ?? that’s scary frend
it is not just DIGITAL now but the ppl can actually find u in real life
if stuffs like ID or addres leak
this kinda of stuff like these makes me wanna stick on these
cold wallet & just stay far from these kyc exchange fr.
hope ppl learn these time but it feels like a cycle that keep repeat itself
Sometime I wonder these Exchange conibase and binNce can do anything in order to compile with law Never trust the Centralized system
We Decentralised and enjoy with your keys

Oh I received some email from Coinbase if I'm not mistaken, but I didn't read it. I'm not sure though about the scammers bribing their support agents. I mean the modus of this criminals is to attack their support thru phishing links.

But it seems that the scammers doesn't want to do it anymore though, I mean they could have been thinking that it's just a waste of time. And the easiest way is to pay this support some good money to give them access to the personal information of their customers. Hopefully those who have cooperated with the cyber criminals should be held by Coinbase management.

I want to ask all the owners and organizers of these exchanges: why the hell are you collecting user data if you can't properly protect it? Is it perfect for your reputation, and after so many thefts, do users owe you more than you owe them? Maybe it's worth stopping this surveillance if such "control" only harms clients. But if those who suffered this time trust their data again, we can say that people do not respect themselves if they allow their privacy to be sold on the black markets of the Internet.

To start with, many of them don't even care about managing those data. Some mostly do it just to satisfy government claims based on things like proof of income for some customers. In the end it all comes down to profit. Virtually all CEX run for the purpose of profit. It's only Decentralized exchanges  is see a little dii in based on the interest in enthusiasm for privacy and security.
In all many users don't even care how their data is being handled and it's the same reason you see them rushing to do KYC without clarifying the need of it.

I agree with you, i think collecting data without protecting it is insane. What happened this week is extremely critical. From attempted kidnappings to this. I understand that some form of verification is necessary, but there are more and more scammers, and it's practically very difficult to stop them from doing what they do.

Yeah i got couple of emails, with very specific data, but i immediately know what the jig was, so i just reported it a spam and didn't give it a second though.
Unfortunately, these breaches happen, and will almost always happen, so just gotta find a way to live with it

Based on the news I saw, the hacker had asked for a ransom of around 20 million dollars, but Coinbase did not make the ransom he asked for. So I feel that the next thing he did was try to scam many users by sending convincing fake text that was designed to steal login information or funds like OP said. So, what can be done is to be careful with any information related to it, don't be gullible, double-check and verify any information related to it so that we don't easily fall into their trap.

Another reference : Coinbase says customers’ personal information stolen in data breach (https://techcrunch.com/2025/05/15/coinbase-says-customers-personal-information-stolen-in-data-breach/)

Sadly, unless there is enough incentive for them to avoid database leaks, stuff like this will always happen. I usually read news from security-focused media, and the number of database leaks is enormous. I think I see at least two per week. Some of them happened in the past, but it doesn't change the fact that companies are bad with data security, even if they're dealing with the security (2FA, password manager, etc) market.

Coinbase never ceases to amaze me, almost every year they are subjected to controversies and scandal. I don't know the reason why people are still using their services.  Do not forget that Coinbase has sold its blockchain analytics to various government agencies and some of the specific agencies are  Drug Enforcement Agency (DEA) and the IRS^[1] (https://beincrypto.com/a-look-at-coinbases-history-of-controversies-an-in-depth-report/)

But it is the right move of Coinbase not to pay the Ransom, since whether they pay it or not, these hackers can still sell the information to other entities since they already have a grasp of the information.


Hacks happen, and human error is bound to happen.  Even though the owner aims to protect these data, it is coming from an employee who holds the key to the company's data so there is an insider crime that happened here. Btw, they can't stop the data collection because it is required by the law (AML and KYC).  If they stop collecting Data then their service will be questioned by the authority.  Did you know that they were fined £3.5 million by the UK FCA^[2] (https://en.wikipedia.org/wiki/Coinbase) because they onboard a high-risk customer?  This time their Data collection backfired on them but due to the regulatory requirement, they still collect customer Data.

I'm not sure if my information is right, but I've read that in addition to basic personal information like names, addresses, emails, phone numbers, and government IDs, the cybercriminals also got access to partial social security numbers and bank account details.

In which case, it might also be advisable to monitor recent communications, updates, transactions, and the like involving these accounts as there might be unauthorized requests or transactions coming from malicious actors. 

So on the 1st of this month my friend who left us in college for a other college in the US called me and today me he has been doing an investment on bitcoin but with coinbase, he sounded so convinced that it's the right thing but I was not okay with that.

Behold he sent a screenshot which I will include below and it was a verified coinbase account on telegram chatting him up he ended up losing up to a thousand bucks to them before reaching out to me not for help but to convince me to join.

https://www.talkimg.com/images/2025/05/17/UaUGrq.jpeg

We rallied round to get the funds back but no way, though I already knew there is no way out but I had to play cool till he gave up the idea of chasing the scammer.

Here is another lesson just to verify the your datas are not safe with exchanges, this scammers got him from the data base coinbase lost.

Whenever there are random approaches through texts, emails, and other messaging platforms, it's best to avoid engaging with them. Ignore them at all costs when you know that you don't have any transactions at all. These data breaches do happen, and we have to be prepared if this ever happens to the exchange that we use. It's not only Coinbase that is being targeted by these breaches but also other exchanges that are known globally. Do not entertain, do not adhere to the instructions they give. Your fund, your control and don't let them control you through scare and panic.

Ugh.

Yet another reason not to use any exchange if you can help it.

How did Coinbase support agents get bribed anyway? Are they a third-party company outsourced in India or something?

I have just read about it in my local board (https://bitcointalk.org/index.php?topic=5543614.0) and, although expectable, it is terrible news. We live in a time when we have to be aware most of the time, and it doesn't seem to get any better anytime soon. Data is the new "gold" and who knows how it will be used against us in the future. For now, those who got registered in CEX and other online services would do well to take extreme precautions: not only in relation to Coinbase, once the attack is confirmed it is relatively easy to be aware, but in relation to other services that could get compromised without you being aware of it.

In reality, there has been a market for buying and selling social accounts including those with verified check marks. It's not safe as some people may see.

I'm curious though if your friend has clicked the check mark? because telegram premium users can attach an icon that looks like the verified check mark. It should show you such once you click it. I'm pretty sure scammers take advantage of this.


Most likely. From this article, we see "contractors working outside United States". I would assume they did this for the typical cutting down cost, hence they would likely be workers from developing countries. Most, if not all exchanges are probably doing the same.

Like i don't even know how OP found out they were bribed? can't the security system be hacked again and scammers obtain users data? and if so that they were bribed, don't they value their reputation for them to agree to such shady deal that will effect some of their users who will get scammed through phishing links and misleading email messages. I worry for those who still keep their cryptos in centralized exchanges because at the end of the day, they are most likely to fall for these scammers since they have the accurate data of Coinbase users.

It can happen with any company and in any country. Even national intelligent agency can be bribed and history shows it many time for us. It's not too surprising that something like this happen with any company and Coinbase is only a latest company got this business incident that still plays a helpful role of warning to us.

KYC is useless and very dangerous. (https://bitcointalk.org/index.php?topic=5221497.0)

Centralized platforms are not good places to store our funds and submit our personal idenity documents for KYC.
Reminder: do not keep your money in online accounts. (https://bitcointalk.org/index.php?topic=5421039.0)

It's not like being paranoid because with actual exisiting risks, we must be careful.

on the news it says they bribed men, as i remember it was from india or something