I have recordings proving Coinbase knew about breach months before disclosure
6 days ago
- #Phishing
- #Cybersecurity
- #Data Breach
- Received a phishing email and call from scammers impersonating Coinbase on January 7, 2025.
- Scammers had detailed personal information including SSN, Bitcoin balance, and driver's license details.
- Reported the incident to Coinbase immediately, but received no follow-up responses after initial acknowledgment.
- Coinbase disclosed a data breach in May 2025, four months after the attack, involving overseas contractors.
- Breach compromised sensitive data like names, addresses, SSN digits, ID images, and account balances.
- Attackers used sophisticated methods including email spoofing, phone impersonation, and SMS flooding.
- Coinbase's delayed response and lack of transparency raised serious security and trust concerns.
- Lessons include verifying email headers, using app-based 2FA, and never trusting unsolicited calls.
- Unanswered questions remain about the breach timeline and Coinbase's handling of early warnings.