The Ransomware Era (2020-Present) | Daily Briefing | Landmark Event

    Coinbase Targeted in Major Data Breach Amid Bribery Scheme

    Thursday, May 15, 2025

    On May 15, 2025, Coinbase, a leading cryptocurrency exchange, reported a serious data breach linked to bribery of customer support agents in India. Attackers used this insider access to gather sensitive customer information and then made a $20 million extortion demand. Coinbase publicly refused to pay the ransom and instead offered a reward for information about the attackers. The breach did not compromise passwords, private keys, or Prime accounts. However, the estimated financial impact of the incident could range between $180 million and $400 million due to damages and mitigation efforts. This incident underscores the importance of robust internal security protocols and employee training to prevent insider threats in the rapidly evolving cryptocurrency landscape.

    Also In Security Today

    • CVE-2021-22054 Disclosed: A vulnerability in the Omnissa Workspace ONE UEM system allows unauthorized access to sensitive information. CISA has flagged it as actively exploited, urging immediate patching.
    • Healthcare Data Breaches Rise: Recent reports indicate a 30% increase in healthcare data breaches in Q1 2025, with ransomware attacks being the primary vector. Organizations must enhance their security measures to protect patient data.
    • New Phishing Campaign Targets Remote Workers: A sophisticated phishing campaign exploiting remote work environments has been identified, focusing on corporate credentials. Security teams should implement awareness training and two-factor authentication.
    • Patch Released for Critical Microsoft Zero-Day: Microsoft has released a patch for a critical zero-day vulnerability in its Windows operating system. Users are urged to update their systems immediately to mitigate risks.

    Analyst's Take

    Today's breach at Coinbase emphasizes the critical need for organizations to strengthen their internal security measures against insider threats. As attackers increasingly target employees to gain unauthorized access, security professionals must implement comprehensive training programs and robust verification processes for customer support roles. The incident also highlights the ongoing trend of ransomware and extortion attempts in the cryptocurrency sector, signaling a need for enhanced security protocols and incident response strategies within the industry. Organizations should remain vigilant and proactive in patching known vulnerabilities, as illustrated by the active exploitation of CVE-2021-22054.
