10 December 2025
Coinbase recently announced that a whopping 69.461 of its users were affected by a data breach. The incident occurred in December of last year, but was only discovered this month. It is a worrying revelation that raises questions about data security in the cryptocurrency sector.
In a notification to the Maine Attorney General’s Office, the San Francisco-based exchange warned that approximately 217 residents of the state were also affected by the breach. The cybercriminals allegedly worked with foreign customer service representatives to gain access to sensitive data, including names, addresses, phone numbers, email addresses, and identifying information. This shows how vulnerable digital platforms are to such attacks, and it is crucial that companies like Coinbase continuously strengthen their security measures.
Last week, Coinbase reported in an SEC filing that less than 1% of its monthly transaction users had been affected, an estimate that could be as high as 97.000 users. The discovery of the breach prompted the exchange to say that the attacks began when anomalous behavior from some customer service representatives was noticed as early as January. It’s a story that has only heightened tensions in the crypto space, especially as Coinbase faces scrutiny from the U.S. Department of Justice.
Paul Grewal, Coinbase’s Chief Legal Officer, said: “We have notified the relevant authorities and are working with the DOJ and other U.S. and international law enforcement agencies to bring the criminals behind these attacks to justice.” This underscores the importance of working with authorities in emergency situations like this.
Meanwhile, CEO Brian Armstrong has addressed the issue openly in a video on X that has already garnered over 3,6 million views. This shows his determination to be transparent in these challenging times. As Amanda Fischer, a former SEC employee, correctly points out: “Regulation is at the root of this situation. The fact that Coinbase is a publicly traded company that is regulated by the SEC, is the only reason we have information about this data breach now.”
The data breach could cost Coinbase between $180 million and $400 million, according to an SEC filing. The figure follows a threat from an unknown hacker who demanded $20 million to prevent further data release. Unfortunately, it’s not just about numbers; threats like these can also lead to dire consequences for those affected. TechCrunch co-founder Michael Arrington even said, “This hacking — with details like home addresses and account balances — will lead to deaths.”
A company’s responsibilities around reporting a data breach are complex. Fischer explained that companies have varying obligations in their disclosures to shareholders and customers, with customer protections often being a “patchwork” of rules depending on the state. This raises important questions about how and when companies like Coinbase should notify their customers about such incidents.
Unfortunately, it also appears that Coinbase’s recently amended user agreements make it more difficult for users to get involved in lawsuits, leading to accusations of a “conspiracy theory” from Armstrong. However, with numerous class-action lawsuits mounting against the exchange, the legal battle over the timing of shareholder involvement will only be a continuation of the drama.
In the crypto space, it is essential to remain aware of the risks and protect our rights. “Companies need to wake up; the world is changing and so are the expectations of their customers!”
The future of cryptocurrency is bright, but reports like these remind us that vigilance and transparency are key. Stay tuned, stay informed, and make your voice heard!
What happened before the Coinbase data breach?
The data breach was discovered after abnormal behavior from customer service agents was noticed in January, but it actually happened on December 26 last year.
How many users were affected by the data breach?
A total of 69.461 users have been affected, with a specific report suggesting that approximately 97.000 users could be affected.
What are the financial implications for Coinbase?
The company estimates the data breach could cost between $180 million and $400 million, not including potential reputational impact.
Bitcoin (BTC)
Ethereum (ETH)
XRP (XRP)
