On May 11, Coinbase received an email from a threat actor claiming possession of customer account details and internal documents. Although some data, such as names, addresses, and emails, was compromised, login credentials and passwords remained secure. Coinbase plans to reimburse customers who fell victim to the attackers. The breach involved contractors and employees in support roles outside the U.S., leading to several dismissals. Analyst Bo Pei noted this incident might push the industry toward stricter employee vetting. Security remains a significant challenge for the crypto industry, with $2.2 billion stolen through hacks in 2024. Coinbase has refused a $20 million ransom demand and instead offered a reward of the same amount for information on the hackers. The company is also establishing a new U.S.-based support hub to enhance security measures.
— new from Reuters